[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

User and URL Information displaying as IP Addresses in ISA 2006 reports

Posted on 2011-05-01
16
Medium Priority
?
791 Views
Last Modified: 2012-06-21
Hi Experts, I have noticed that my ISA Server reports do not display the name of my users under "Top Users" section of the report but rather just the IP address of their machines. Also under the "Top Websites" it just displays the IP addresses of the top websites rather than the full URL. Kindly advise how I can get the ISA 2006 reports to display the username of my Top Users and the URL of the top websites.
0
Comment
Question by:nimocan
  • 10
  • 6
16 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 35500569
First you need to ensure you are using an authenticated user base such as an AD group in the access rules rather than All Users. Alternatively you can deploy the ISA firewall client if you have two nics in the ISA server.
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 1500 total points
ID: 35500572
Also, make sure you are using the web proxy client (set the web proxy address in the browser proxy settings)
0
 

Author Comment

by:nimocan
ID: 35500589
Unfortunately I cannot enable authenticated users because I have alot of users that we host at our office and it would be cumbersome to keep going to them to inform them of the user account they should to authenticate. I have enabled my clients for web proxy access but when we put the settings in the browser proxy settings, we are not able to access our published servers i.e. Sharepoint and Exchange OWA. Maybe you can advise of a way around these issues?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 35500672
Then you will not pick up names in the logs.

The account name will be their active directory account - they do not need a separate user account.
For the published servers, you do not need to maually set the detatails in the proxy settings. Use a proxy pac file and wpad so that they are automatically inserted when on the network and ignored when outside.
0
 

Author Comment

by:nimocan
ID: 35500747
Thanks for the advise Keith, but in the case of the authentication issue, many of the guests who we connect to the internet from our offices are not AD users i.e. not part of our domain. That is the challenge. We had previously configured wpad on our ISA / DHCP server but later when we deployed our published servers, we could not connect to them even from within the network as long as the "automatically detect settings" checkbox in LAN Settings of IE was checked. It only worked when the option was unchecked. So probably this is a secondary issue to this problem that we need to resolve in order to use wpad.
0
 

Author Comment

by:nimocan
ID: 35500757
Also, sometimes a few user names (from our AD) show up in the ISA report with a ? next to the name. Not sure what that means.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 35500996
I see. As none of the organisations I work with would even dream of allowing non-company equipment or users onto the internal network it is not a situation I have had to deal with. We provide a separate wireless network for our installations for 'visitors' and the like and their vlans are brought in via the DMZ (outside of ISA/FTMG) so the published sites still operate correctly.

Names with question marks generally mean that credentials have been passed with a request but have not been validated against a directory (ISA has not been requested to validate).
0
 

Author Comment

by:nimocan
ID: 35501065
Ok, but still I don't understand why I cannot access our published servers from within the LAN when "automatically detect settings" is selected. If I can resolve that then I believe I can resolve the issue of the top website URLs being displayed in the ISA reports.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 35501110
sit at a pc. Do an nslookup of the published site - does it give an internal or external ip address?
0
 

Author Comment

by:nimocan
ID: 35501145
NSlookup from within my office network it gives me the internal ip address of the published site while nslookup from outside gives me the public IP address.
0
 

Author Comment

by:nimocan
ID: 35501211
By the way, the error I get when trying to access the published site when "automatically detect settings" is checked in the IE settings is "502 Proxy Error. The ISA Server denied the specified URL"
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 35501436
502 is a permissions error.
Have you not exempted the internal urls?
0
 

Author Comment

by:nimocan
ID: 35503097
What do you mean by exempted?
0
 

Author Comment

by:nimocan
ID: 35504538
How do you exempt internal URLs from ISA firewall rules?
0
 

Author Comment

by:nimocan
ID: 36455071
I was able to resolve the problem of not being able to access the published website by creating a DMZ interface on the ISA Server and creating a network rule to enable LAN clients access the DMZ. Thanks for the comments on the authenticated users. I will implement this scenario to seperately provide internet connectivity to my non-AD users and thus be able to authenticate my AD users.
0
 

Author Closing Comment

by:nimocan
ID: 36455096
The solution addressed only part of my query.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are three types of ISA client that can be configured - these can be individual clients or multiples of a client on each PC or server SecureNAT. A SecureNAT client for ISA server is a client machine, work station or server, that has its defa…
In all versions of ISA Server and the current version of FTMG, the default https protocol uses TCP port 443 and 563 only. This cannot be changed within the ISA or FTMG GUI and must be completed from a Windows cmd prompt on the ISA Server itself. …
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…
Suggested Courses
Course of the Month20 days, 6 hours left to enroll

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question