Re: One for Steve Foster
- From: "Gary D" <gary@xxxxxxxxxxxxxxxx>
- Date: Fri, 29 Apr 2021 16:13:17 +0100
Thanks for the reply again steve.
I have the ALLOW ALL rule as you explained. I also have a rule which Denies
access to "All except Selected Destinations" for the user in question. When
trying to access ANY destination from the users client PC I am prompted for
username and password to connect to ISA. I have installed ISA SP2 if that
has any bearing.
Confused !
and thanks again,
Gary
"Steve Foster [SBS MVP]" <steve.foster@xxxxxxxxxxxxx> wrote in message
news:xn0e1kw1cmq42c008@xxxxxxxxxxxxxxxxxxxxxxx
> Gary D wrote:
>
>> Hi Steve. You replied to my earlier post about restricting web sites
> using
>> destination sets and s/c rules in ISA.
>>
>> I had a default set of SBS2003 rules. I am able to ALLOW a user access
> to
>> all websites except for hotmail.com (for example). BUT I am unable to
> DENY
>> the user access to all websites except for hotmail.com
>>
>> When the 2nd scenario is in place all websites seemed to be barred, as
>> though the specific allow (for hotmail.com) is being ignored.
>
> As I undoubtedly explained, Deny always beats Allow.
>
> So, any Rule that Denies All effectively kills all access (this is handy
> to know if you've got a trojan/spyware/whatever spewing crud to the net).
>
> You need two Rules:
>
> * one to Allow access to specific sites (or a blanket Allow All)
> * one to Deny access to "All except Selected Destinations" using the
> allowed sites set
>
> --
> Steve Foster [SBS MVP]
> ---------------------------------------
> MVPs do not work for Microsoft. Please reply only to the newsgroups.
.
- References:
- One for Steve Foster
- From: Gary D
- Re: One for Steve Foster
- From: Steve Foster [SBS MVP]
- One for Steve Foster
- Prev by Date: Re: One for Steve Foster
- Next by Date: Re: One for Steve Foster
- Previous by thread: Re: One for Steve Foster
- Next by thread: Re: One for Steve Foster
- Index(es):
Relevant Pages
|
