Jim
Tue May 06 18:41:34 CDT 2008
The "Default" rule is a deny rule, rejecting any traffic regardless of the
user, protocol or destination.
If this rule contains specific protocols, users, sources, destinations or
users, someone did this manually (not via the ISA UI).
--
Jim Harrison (ISA SE)
This posting implies no warranty and confers no rights.
http://catb.org/~esr/faqs/smart-questions.html
"Nadi" <Nadi222@hotmail.com> wrote in message
news:urxodT7rIHA.5724@TK2MSFTNGP06.phx.gbl...
Thanks for the reply, but Believe me, i found the domain users groups from y
10 domains in the ISA Server Default Policies. I.E. in every ISA of my 10
ISAs, every default ISA Server Default Policy has its domain "Domain users"
group in it thus all the users are allowed access !!!!!!!
I'm thinking of opening a case with MS to check how this happened
"Jens Baier" <jensbaier@passport.com> wrote in message
news:%23Bt1EWzrIHA.5060@TK2MSFTNGP03.phx.gbl...
> Hi,
>
>> AD User DIal-In Tab has "Allow Access through Remote Access Policies" By
>> default.
>
> AD native mode result
>
>> IN the "ISA Server Default Policy", the "Policy condition" has the
>> "Domain Users" group
>> Action "Grant Remote Access Permission"
>
> OK, but you manually have to activate VPN and you must manually select the
> users or groups that have the right to use VPN. I don't see any security
> risk.
>
> regards Jens
> www.nt-faq.de