Crewy

Hi,

I am new to the whole ISA server lark and have inherited a SBS 2000 server with ISA Server 2000 on it. I have been tasked with removing internet access for a number of users which works fine although there are a number of Internet sites which theses users will require access to.

I have created a site and content rule
> Destinations - this rule appies to : All external Destinations
> Schedule - default - all times
> Action - denied ( HTTP requests go to a denied page on intranet)
> Applies to - users (list of users)
> HTTP Content - all content

This works fine for no access and for access to the intranet but like I say they will need access to some websites. Any ideas any one ..........


Cheers

Crewy

LanCat

ISA works by using the most specific rules first.

It seems you need to have 3 rules for access set up.

1. Allow some users full access to the internet
2. Allow remaining users access to some sites
3. Deny access to all other sites for all other users.

So...

In windows create 2 user groups. One for people with full access and one for those who get "regulated" access.

Then create a destination set in ISA which contails all the websites you wish those regulated users to have access to. Use *.website.com rather than www.website.com just incase they use multiple hosts.

Now define rule number one

> Destinations - this rule appies to : All external Destinations
> Schedule - default - all times
> Action - allowed
> Applies to - Permitted user group
> HTTP Content - all content



Now define rule number two

> Destinations - this rule appies to : Regulated destination set
> Schedule - default - all times
> Action - allowed
> Applies to - regulated user group
> HTTP Content - all content

Lastly define rule number three

> Destinations - this rule appies to :All external Destinations
> Schedule - default - all times
> Action - denied
> Applies to - everyone
> HTTP Content - all content

<disclaimer>It's been a year or so since I touched ISA server</disclaimer>