How to bypass the Web Proxy service in ISA Server 2006 or in ISA Server 2004 (838708)


The information in this article applies to:

  • Microsoft Internet Security and Acceleration Server 2004, Standard Edition
  • Microsoft Internet Security and Acceleration Server 2004, Enterprise Edition
  • Microsoft Internet Security and Acceleration Server 2006 Enterprise Edition
  • Microsoft Internet Security and Acceleration Server 2006 Standard Edition

INTRODUCTION

This article describes the work theory of the Web Proxy filter. It provides the following information:
  • How to configure the Web Proxy in Microsoft Internet Security and Acceleration (ISA) Server 2006 or in ISA Server 2004 by unbinding the Web Proxy application filter for SecureNAT and Firewall clients.
  • How to troubleshoot Web proxy traffic in ISA Server 2004.

MORE INFORMATION

In ISA Server 2006 or in ISA Server 2004, client Web requests are handled by the Web Proxy filter. This filter works at the application level on behalf of clients residing in networks that are behind an ISA Server-based server that requests HTTP and Secure Hypertext Transfer Protocol (HTTPS) objects.

Web proxy client requests from client computers that have ISA Server specified as a proxy server in the browser settings are passed to the Web proxy filter.

By default, the predefined HTTP protocol for SecureNAT and firewall clients is bound to the Web Proxy filter. ISA Server intercepts Web requests from these clients and passes them to the Web Proxy filter for transparent handling. This is known as transparent network address translation (NAT).

When you apply NAT, a global IP address that is valid on the Internet is substituted for the internal IP address of the client request that helps to give enhanced protection to internal addresses.

In some scenarios you may not require this transparent NAT behavior. To disable this setting for SecureNAT and Firewall clients, you can unbind the predefined HTTP protocol from the Web proxy filter.

For more information about how to unbind the predefined HTTP protocol from the Web proxy filter, see ISA Server online help. To unbind the predefined HTTP protocol from the Web proxy filter in ISA Server 2006, follow these steps:
  1. Start the ISA Server Management tool. To do this, click Start, point to All Programs, point to Microsoft ISA Server, and then click ISA Server Management.
  2. Expand the ISA Server computer, and then click Firewall Policy.
  3. In the right pane, click the Toolbox tab, and then click Protocols.
  4. In the list of protocols, expand Common Protocols, right-click HTTP, and then click Properties.
  5. In the HTTP Properties dialog box, click the Parameters tab.
  6. Click the clear the Web Proxy Filter check box, and then click OK.
  7. Click Apply to save the changes to the firewall policy, and then click OK.
For more information about how to troubleshoot Web proxy traffic in ISA Server 2004, visit the following Microsoft Web site:

http://go.microsoft.com/fwlink/?LinkID=53684

Modification Type:MajorLast Reviewed:9/29/2006
Keywords:kbISA2006Swept kbFirewall kbhowto KB838708 kbAudEndUser kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.