ISA Server Site and Content Rules Are Not Enforced for HTTP Content (819128)
The information in this article applies to:
- Microsoft Internet Security and Acceleration Server 2000
SYMPTOMSWhen you configure a Site and Content Rule access policy on your Internet Security and Acceleration (ISA) Server computer or array, the Site and Content rule is not enforced.
Clients are permitted to view the site or content that you tried to block, or clients are prevented from viewing the site or content that you intended to allow.CAUSEThis issue may occur if all the following conditions are true in at least one of your Site and Content rules:
- The rule applies to is one of the following destinations:
All external destinations
Specified destination set
All destinations except selected set - The Site and Content Rule is configured to block or permit HTTP content.
- ISA Server 2000 cannot resolve names included in your destination set by using Domain Name System (DNS) name resolution.
- You have not configured ISA Server 2000 to skip domain name resolution by using the SkipNameResolutionforAccessandRoutingRules registry entry, as described in the following Microsoft Knowledge Base article:
292018 Slow Response from Downstream ISA Server Using Web Proxy Chaining
RESOLUTIONTo resolve this issue, verify your DNS configuration to make sure that ISA Server 2000 can successfully resolve domain names included in your destination sets.
WORKAROUNDTo work around this issue, configure the SkipNameResolutionforAccessandRoutingRules registry entry, as described in the following Microsoft Knowledge Base article: 292018 Slow Response from Downstream ISA Server Using Web Proxy Chaining
This prevents ISA Server from performing name resolution for Site and Content rules.
| Modification Type: | Major | Last Reviewed: | 5/19/2003 |
|---|
| Keywords: | kbprb KB819128 kbAudITPRO |
|---|
|