Hi,
I am just wondering if someone can help me? We have a SBS2000 setup
with ISA running just in cache mode and an external PIX (please no
comments about firewalls security etc). The issue has come about that
we need to enable the publishing of the ISA server proxy via auto
discovery due to the company now having a number of VPN and laptop
clients (all Secure NAT). I know how to set up Automatic Discovery and
I also know of the problem of the default port 80 conflicting with the
IIS, additionally the Auto Discovery needs to work via DNS so we
cannot change the default port in ISA. My answer was to set up two
internal IP addresses on the internal NIC and have ISA listen on the
second IP (192.168.16.8) address and remove any listening on the
standard 192.168.16.2, so that ISA and IIS could both listen to port
80. I have set up the WPAD alias and A record to point to the second
IP address
I thought this should work but when a VPN client logs in and trys to
access a web page a login prompt appears for 192.168.16.2 - should
this not be 192.168.16.8? The credentials a entered and seem to be
accepted, but no external web pages can be acessed. Why does the login
prompt appear when the user details have aready been entered via the
VPN login and why does it continue to point to 192.168.16.2 - have I
missed something?
I know our Internet gateway is configured to only allow 192.168.16.2
to access the Internet so no one can by-pass the proxy, can this be
causing the problem. If ISA server listens on 192.168.16.8 does it
also send the request out for the web page via 192.168.16.8 or
192.168.16.2 - I do not know how ISA handles this.
Any help would be appreciated.
Thanks
Zane