We have Windows Server 2003 with ISA 2004. Our clients use the internet with a proxy.

We have two ISA rules:

 order  name     action  protocols     from/listener                  to             condition
   1.   trafic   ALLOW   all outbound  all networks                   all networks   all users
   2.   FTP      ALLOW   FTP Server    EXTERNAL/INTERNAL/Local host   10.1.1.1

We have to "ban" a few web pages (like Facebook, YouTube, etc.), so we made a new rule:

   0.   banned   DENY    HTTP          internal                       denied pages   all users

In the denied pages we have the *.facebook.com domain set.

After we enable this rule, the entire internet slows down. The banning rule works well and redirects to an internal site, but the other sites... If I open a page, it normally takes 3-10 sec to load, but after this rule the time is 2-4 minutes.

In the monitor / logging menu we got a few FAILED CONNECTION ATTEMPT entries like:

Log type: Web Proxy (Forward)

Status: 304 Not Modified

Rule: All local traffic

Source: Internal ( 10.1.1.1:0 )

Destination: External ( 172.24.28.22:3128 )

Request: GET http://www.konyvelozona.hu/wp-content/uploads/nyugdijas-holgy-2.jpg

Filter information: Req ID: 17270b72 

Protocol: http

User: anonymous

 Additional information

Client agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.3072...

Object source: Verified Cache Processing time: 9047

Cache info: 0x18801002 MIME type: -

Thank you folks.

1 Answer

Sounds like it may be a DNS issue. Are you creating a Domain Name Set in ISA for the sites you are blocking? If so, use a URL Set instead, as you're blocking HTTP. Both Domain Name Sets and URL Sets depend on DNS resolution, but I've found URL Sets to work better.

hmallett
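
One way to test the DNS explanation in the answer above, as an added example that is not part of the original thread: pull the hostnames from the log's Request lines and time their resolution when run on the ISA server itself. The function names and the 1-second threshold are assumptions; the sample text is constructed from the log entry in the question.

```python
import socket
import time
from urllib.parse import urlsplit

# Constructed sample, taken from the log entry quoted in the question.
SAMPLE_LOG = """\
Status: 304 Not Modified
Request: GET http://www.konyvelozona.hu/wp-content/uploads/nyugdijas-holgy-2.jpg
Object source: Verified Cache Processing time: 9047
"""

def hosts_from_log(text):
    """Return the unique hostnames found on 'Request:' lines, in order."""
    hosts = []
    for line in text.splitlines():
        if not line.strip().startswith("Request:"):
            continue
        parts = line.split()
        if len(parts) >= 3:  # layout is "Request: <METHOD> <URL>"
            host = urlsplit(parts[2]).hostname
            if host and host not in hosts:
                hosts.append(host)
    return hosts

def time_lookup(name, resolver=socket.gethostbyname, clock=time.perf_counter):
    """Time one lookup; returns (seconds, answer or None, error text or None)."""
    start = clock()
    try:
        answer, error = resolver(name), None
    except OSError as exc:  # socket.gaierror and socket.herror are subclasses
        answer, error = None, str(exc)
    return clock() - start, answer, error

def slow_lookups(names, threshold=1.0, resolver=socket.gethostbyname, clock=time.perf_counter):
    """Return [(name, seconds, error)] for lookups that failed or exceeded threshold."""
    flagged = []
    for name in names:
        seconds, _, error = time_lookup(name, resolver, clock)
        if error or seconds > threshold:
            flagged.append((name, round(seconds, 3), error))
    return flagged

if __name__ == "__main__":
    for row in slow_lookups(hosts_from_log(SAMPLE_LOG)):
        print(row)
```

Run it once with the deny rule enabled and once with it disabled; passing `resolver=socket.gethostbyaddr` with a list of destination IP addresses times reverse lookups the same way.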