Linux behind ISA
Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Linux behind ISA

  1. #1
    Senior Member
    Join Date
    Aug 2002
    Posts
    651

    Linux behind ISA

    In the spirit of technical discussion, I've got one for you guys. I have tried everything that comes to mind, but I cannot get my RH 7.2 machines to connect to the internet from behind an ISA server. I end up having to temporarily put it on the Firewall directly. Does anyone have any suggestions. I tried configuring the necessary information in Netscape for the proxy, but this still doesn't work. The connection is being dropped so it seems. Any help would be appreciated. I wasn't sure where to put this since it was behind an ISA server, but using a Linux box, so I put it in Misc. My search didn't turn up much here or on google.


    Thanks,

    t2k2
    Opinions are like holes - everybody\'s got\'em.

    Smile

  2. #2
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    I have done this in the past and haven't had any problems with it as long as all the proxy settings were correct. Have you tried connecting with a different type of box from behind the proxy, and also are you using any type of proxy authentication? Without more details, I don't know what else to suggest other than making sure all your browser settings are correct including the port number (are you using 8080?). Perhaps try telnetting to whatever port you are using and make sure it doesn't timeout

    Give me some more info, and I will try to help some more

  3. #3
    Senior Member
    Join Date
    Aug 2002
    Posts
    651
    Yeah, sorry about that. I configured it to use 80, and I made sure that the ISA server's name/address was correct. Did you have to add anything special to the proxy server to accept requests from your Linux box?
    Opinions are like holes - everybody\'s got\'em.

    Smile

  4. #4
    Senior Member
    Join Date
    Feb 2002
    Posts
    177
    You have to allow use of the proxy for the RH machine.
    On the ISA, create a client address set using the RH's IP address. Then create Access Policy Rules (Protocol mainly) allowing http access, and apply it to the client set you created for your nix machine.
    That should work just fine for you. Assuming this is in fact an ISA problem.

  5. #5
    Junior Member
    Join Date
    Oct 2001
    Posts
    5
    Did you check your routes? Is the ISA your default Gateway? What about DNS? can you ping through it?
    Binary_01

    A Journey of a thousand miles is started by taking the first step.

  6. #6
    Junior Member
    Join Date
    Aug 2001
    Posts
    5
    In my limited experience with ISA server and ahving a bit of grief myself with some clients you said you had proxy on the client configured to port 80 my understanding is that ISA uses 8080 as its defualt have you tried that ? and do you have any filters set on the ISA server ?

  7. #7
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    how is your ISA server configured ie, caching proxy, firewall only both

    do you use dhcp on your network and if so is rh's dhcp client turned on

    if not are your tcp/ip setting correct?
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  8. #8
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    if you are using the ISA as a proxy, then you should not even need a default gateway unless the ISA is on a different subnet from your box. If you are using it a firewall, then yes, you will need a gateway to be set. I am assuming you have tried the obvious, but I think Tigerdaz is correct in saying that the default is 8080. It has been a while, so I don't remember for sure though.

    Have you tried it from a different machine yet, if that works, try that machine with the IP address of the linux box, you would then know immediately if it is a proxy issue or a client configuration issue. What was the result of the telnet to the proxy port?

  9. #9
    Senior Member
    Join Date
    Aug 2002
    Posts
    651
    This is the third machine I have tried it from. All of them are RH 7.2. We have configured the proxy for 80, even though 8080 may be the default. The current client address set that is defined includes the address that is assisgned to the RH boxes, and http, https, ...traffic is allowed. We are not using it as our firewall, so it doesn't need to be specified as the default GW. It's used mainly for caching and limiting Internet Access.
    Opinions are like holes - everybody\'s got\'em.

    Smile

  10. #10
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    hmmm...perhaps you should try a sniffer trace to find out what is going on. Is the traffic actually making it to the proxy, and if so, what the proxy doing with it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •