[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 416
  • Last Modified:

Users frequently get Browser login pop ups


I installed ISA 2004 on our network. We are using ISA to block domains and websites which are prohibitted. ISA is installed on a domain member server. ISA in on the internal network. Outside we have a PIX firewall.

Users frequently get pops asking for login whilst they are browsing. Strangely I do not get these pops up. May be bacause I am in the domain admin group. how do I stop this pop ups?





0
anyirongo
Asked:
anyirongo
1 Solution
 
Keith AlabasterEnterprise ArchitectCommented:
Are you using ISA in proxy or firewall mode?
How are you connecting to ISA? SecureNAT? ISA client? Web Proxy? Transparent Proxy?
How have you set up your outgoing rule(s) for http/https access? How are they authenticating?
0
 
anyirongoAuthor Commented:

I am using ISA proxy with firewll access rules defined to block some websites. The users connect to ISA via their browsers. All XP clients. ISA is on the internal network with on direct interface with the internet. We are using web proxy. users are authenticating using windows domain users accounts.
0
 
Keith AlabasterEnterprise ArchitectCommented:
Can you clarify this please? You are using in Proxy mode but with an interface direct to the internet?
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
anyirongoAuthor Commented:

sorry ISA has no direct interface with the internet
0
 
Keith AlabasterEnterprise ArchitectCommented:
OK. So you are in proxy mode, thats fine.

Can you give some details on how you have created your allow outgoing rules and how you are using the exceptions/user groups?

0
 
anyirongoAuthor Commented:


the first access rule denies or blocks access to some websites to all users on the internal network. (here I used the all users group in ISA)

the second access rule permits all domain users to access the internet. (here I connected to the domain users in active directory on a different server. ISA is not a DC)

then we have the default deny rule at the end.





0
 
Keith AlabasterEnterprise ArchitectCommented:
And which ones are getting pop-ups. i bet it is the Active Directory group based sites; not the all users that is having the problem?
0
 
rsivanandanCommented:
One of the ways to keep the 'authentication' state while using browser would be to enable that feature in the browser. For Internet Explorer;

Tools->Internet Options->Security Tab->Custom Options

Go down and get to 'User Authentication'->Logon. Select 'Automatic logon with current username & password' option.

Cheers,
Rajesh
0
 
anyirongoAuthor Commented:

the ones getting popups are only active directory group based sites.  
0
 
anyirongoAuthor Commented:

I managed to get this resloved. The problem was  an ISP DNS server on the name server list in active directory DNS. When I removed this DNS  entry pop ups stopped.

I request that the discussion is closed
0
 
GhostModCommented:
PAQed with points refunded (125)

GhostMod
Community Support Moderator
0

Featured Post

Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now