Deny Internet access to specific workstations ISA 2004 sp1 [Thanks for the effort]



  • 1. Password Management with LDAPS
    Hi everybody, i've got an ISA server 2006 running an a DMZ which runs as a workgroup server thus NOT joining the domain. Authentication is done via LDAPS against the DC in the internal network. I published your Exchange server via OWA, configured FBA on the ISA server and also activated the password management. Everything works fine so far. Users can log in, log out, they receive a warning messages when passwords are about to expire, and users are automatically redirected to the change password dialog. The small problem I have is that users can only change their password if they logon with DOMAIN\user although I configured ISA to use DOMAIN as default. When they logon w/o specifying the NETBIOS domainname the browser displays error code 500 internal Server error. Any ideas? BTW, LDAP expression in the LDAP server set is set to "DOMAIN\*". And again, DOMAIN\user login syntax is only required for changing the password. Everything else (OWA, password expire warnings) also works when users log in only with their loginname. Greetings, Ralf
  • 2. ISA Server 2006 over SBS 2003
    Hello, Can I install ISA Server 2006 in an enviroment with Small Business Server??? Best Regards, Maurico
  • 3. Help!! Multiple login prompts with OWA using IE
    I am trying to login to an external OWA server. I access the Internet through proxy using ISA 2004 SP1. Through IE, I get prompted to login to the OWA server and I repeadtly keep getting prompted to login but never see the Inbox. If I use firefox going through the same ISA box, I get prompted once and I am right in. I have caching disabled to this site. I've even turned off using integrated authentication in IE. Any ideas on why this is happening? -Brian
  • 4. HTTP Application signature with proxy : How ?
    Hello, I have a Isa server 2004 with multiple network card for firewall service. And i have a isa server 2004 with just one network card for Proxy/cache service. Like this : Workstation ---+--- [ISA Firewall] --- Internet ! ! [ISA Proxy] Where (which server) do i have to put the Web application signature filtering (to block Messenger ..Etc) ? I have to modify the HTTP web rule to add the application signature filtering on the Proxy server or on the Firewall server ? Thanks for all ...

Re: Deny Internet access to specific workstations ISA 2004 sp1 [Thanks for the effort]

Postby Bill Harrison » Sun, 07 Aug 2005 00:38:01 GMT

Just wanted to say thanks for the time you all have taken to help me with 
this. Perhaps ISA 2006 will be able to do this.

Thanks again,


Similar Threads:

1.Deny Internet access to specific workstations ISA 2004 sp1

We need to deny internet access to a few workstations. I can see where we 
can deny based on IP address but these are DHCP clients. What I'd really 
like to do is create a group in Active Directory called "Denied 
Workstations" and add or remove computers from that group as needed.


2.ISA 2004 configured to block Internet access for workstations but workstations still able to use Internet

ISA 2004 configured to block Internet access for all workstations but 
workstations still able to access Internet

Why are the workstations still able to access the interent 

3.Denying Internet site specific access via ISA


I am attempting to restrict interest access by one client to a specific
internet site and not gaining much headway.

SBS2K SP1, DHCP enabled, 2 NICS and broadband. Clients running ISA firewall

Here's what I have done so far and I must be missing something since the
client (Win2K) can still access the site I am attempting to restrict.

In ISA, set a Policy Element / Destination Set to the site I want to
restrict. I've done with twice - 1 with the FQDN and the other using the
sites actual IP address.

In ISA Access Policy, set a policy with the Destination set to the
"forbidden" sites FQDN. Created another with the forbidden sites actual IP
address.  Action tab set to Deny and Apply Tab set to my local client user.
Another one created with apply to tab set to local user client (internal
network) computer name.

Nothing works... they can still reach the outside internet site even after
updating the ISA firewall client with the Update Now tab.

I'm sure I'm missing something but can't seem to figure out what that may

Any ideas appreciated.

Bill Dunn

4.Workstations can't access Internet after removing ISA 2004


I have encountered a problem after removing ISA 2004 from my test SBS 2003 
network. I removed the client firewalls first, uninstalled ISA 2004, and 
reran CEICW.

Everything seems to work well except for one big problem: none of the 
workstations can access the Internet. The server can access the Internet 
fine. The workstations can access companyweb OK, but not any external site. 
This is true not only for a named URL but also for a dotted quad address. 
Any attempt just generates a "This page cannot be displayed" error. Also, no 
pings get through.

To check that it wasn't a workstation configuration problem I prepped a 
fresh PC, ran connectcomputer on it and tried to access an external site but 
no go. Same problem.

Any ideas would be quite helpful.


Ezra Herman

5.How to deny Internet Access for Specific Computer with IP address obtained from

Urgently need to know how to configure the ISA server to 
deny Internet access to specific computer with IP address 
obtained from DHCP.


6. deny access to specific web pages for specific users

7. Internal Workstation Denied Access with ISA 2006


Return to ISA


Who is online

Users browsing this forum: No registered users and 48 guest