MrPrince
asked on
ISA 2004 Proxy Logging
Hi
Just a quick questing regarding proxy logging in ISA-2004. I’ve set all my users to authenticate with my server before being allowed access to the internet. When I view the proxy logs I see anonymous listed in ‘Client Username’ which have ‘failed connection’ before a third log below it with the correct domain/user details and access being allowed.
Basically it’s this:
https://www.microsoft.com/technet/prodtechnol/isa/2004/plan/tb_logging.mspx#LogsShowRequestsfromAnonymousUsers
I have validated that the anonymous requests are followed by a request from an actual, authenticated user. But I can’t get it to stop.
I’m not using the firewall client.
Any ideas?
Thanks.
Just a quick questing regarding proxy logging in ISA-2004. I’ve set all my users to authenticate with my server before being allowed access to the internet. When I view the proxy logs I see anonymous listed in ‘Client Username’ which have ‘failed connection’ before a third log below it with the correct domain/user details and access being allowed.
Basically it’s this:
https://www.microsoft.com/technet/prodtechnol/isa/2004/plan/tb_logging.mspx#LogsShowRequestsfromAnonymousUsers
I have validated that the anonymous requests are followed by a request from an actual, authenticated user. But I can’t get it to stop.
I’m not using the firewall client.
Any ideas?
Thanks.
I know it is not the answer you want but the truth is it is doing what it should. Part of this process is the ISA returning a 'failed' signal and asking for the authentication.
ASKER
I thought it was, so is it safe to ignore these events? I.E. for every 'real' log entry there are two redundant ones. Can they be filtered out?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thought so... Ah well, thanks for the sounding board.
Welcome :)