Enable local a/c on client for Internet via ISA

TheMSsForum.com: The Microsoft Software Forum

Hi - bit of a basic question

We need to allow a local (admin) account to be able to send/receive data via
the Internet (we have ISA in 2NIC setup, with ADSL).

What steps are needed to 'clear' this with ISA Firewall Client?

Thanks
Top

Re: Enable local a/c on client for Internet via ISA by Marina

Marina
Thu Nov 04 19:29:07 CST 2004

Hi Jann,

I don't really understand. All users should be loggin into the domain. That
way they will be authenticated by ISA automatically. Why would you need it?

--
Regards,

Marina
Microsoft SBS-MVP

"Jann" <jann@dial.pipex.com> schreef in bericht
news:Odi5EFswEHA.3024@TK2MSFTNGP14.phx.gbl...
> Hi - bit of a basic question
>
> We need to allow a local (admin) account to be able to send/receive data
via
> the Internet (we have ISA in 2NIC setup, with ADSL).
>
> What steps are needed to 'clear' this with ISA Firewall Client?
>
> Thanks
>
>


Top

Re: Enable local a/c on client for Internet via ISA by Kevin

Kevin
Thu Nov 04 22:01:10 CST 2004

if they should not or will not need to log into the server, then you'll need
to connect them so as to bypass the server completely - which means
connecting them directly (via a hub/switch) to your ADSL modem.
--
Kevin Weilbacher [SBS-MVP]
"The days pass by so quickly now, the nights are seldom long"


"Jann" <jann@dial.pipex.com> wrote in message
news:Odi5EFswEHA.3024@TK2MSFTNGP14.phx.gbl...
> Hi - bit of a basic question
>
> We need to allow a local (admin) account to be able to send/receive data
> via
> the Internet (we have ISA in 2NIC setup, with ADSL).
>
> What steps are needed to 'clear' this with ISA Firewall Client?
>
> Thanks
>
>


Top

Re: Enable local a/c on client for Internet via ISA by Jann

Jann
Fri Nov 05 06:37:43 CST 2004

Hi Marina, Kevin,

You are going to wish you never asked...

We had an app put on a client machine by a 3rd party installer which needs
to use the desktop SQL stuff. Long story, but effectively it needs to
occasionally go out onto the internet, communicate with a real SQL server
and pull back data.

Well, opened up ISA for that remote IP address and all seemed ok. A bespoke
script writen by a dev guy was able to pull back the data and write it. But
when the standard SQL thing (excuse my ignorance) ran, it kept having
permissions problems and couldn't write any data.

To be fair, the firm tried everything to solve it - Win2000 client rather
than XP SP2, using SQL Server on the SBS to link to the desktop SQL - , but
obviously they are more SQL heads than Win heads. They muttered about
Default Domain policy possibly causing problems, but I explained that this I
never touch - only use custom Group Policies, and in any case they were
logged on at the client using a Domain Admin a/c - the one I use to install
all apps - which has no custom GP applied.

So... in the end, and late in the day, the only way they got it to work was
to log on as a Local Admin, and use a dial-up modem. The app could
cheerfullly dial up and pull down the data and write to the desktop SQL db.

Hence my dilemma - we threw out modems ages ago, and if we are to use a
Local a/c, I need net access (though obviously I'd prefer to use domain
a/c).

Now, you see - you wish you never asked...


;O)


Top

Re: Enable local a/c on client for Internet via ISA by Jim

Jim
Fri Nov 05 08:54:22 CST 2004

There is an article at www.smallbizserver.net about MAC access. You
set up the computer as a secure nat client. I have done this for some
accounts that need to get to the hospital systems, for Unix servers
and for MACs. If they know the protocols it should work.

"Jann" <jann@dial.pipex.com> wrote:

>Hi Marina, Kevin,
>
>You are going to wish you never asked...
>
>We had an app put on a client machine by a 3rd party installer which needs
>to use the desktop SQL stuff. Long story, but effectively it needs to
>occasionally go out onto the internet, communicate with a real SQL server
>and pull back data.
>
>Well, opened up ISA for that remote IP address and all seemed ok. A bespoke
>script writen by a dev guy was able to pull back the data and write it. But
>when the standard SQL thing (excuse my ignorance) ran, it kept having
>permissions problems and couldn't write any data.
>
>To be fair, the firm tried everything to solve it - Win2000 client rather
>than XP SP2, using SQL Server on the SBS to link to the desktop SQL - , but
>obviously they are more SQL heads than Win heads. They muttered about
>Default Domain policy possibly causing problems, but I explained that this I
>never touch - only use custom Group Policies, and in any case they were
>logged on at the client using a Domain Admin a/c - the one I use to install
>all apps - which has no custom GP applied.
>
>So... in the end, and late in the day, the only way they got it to work was
>to log on as a Local Admin, and use a dial-up modem. The app could
>cheerfullly dial up and pull down the data and write to the desktop SQL db.
>
>Hence my dilemma - we threw out modems ages ago, and if we are to use a
>Local a/c, I need net access (though obviously I'd prefer to use domain
>a/c).
>
>Now, you see - you wish you never asked...
>
>
>;O)
>

Jim B. SBS Community Member
remove the mvp to send email
Top

Re: Enable local a/c on client for Internet via ISA by Jann

Jann
Fri Nov 05 19:55:32 CST 2004

Thanks, Jim

>>an article at www.smallbizserver.net about MAC access. << - apologies if
I'm being dumb, but can't see it?

Incidentally, more info is coming to light re SQL/ failure to bind on
sockets - shall post separately when I've collated the various info.


Top