织梦CMS - 轻松建站从此开始!

技术无忧网 - 技术从此无忧 -- 一站式中文IT技术网站 - www.tech51.net

ISA2006中的三种客户端(4)

时间:2009-01-05 14:52来源: 作者: 点击:
Web Proxy Clients A Web Proxy client is a client application or computer that sends requests to either of the following: Port80 on an ISA Server computer. The port on which ISA Server listens for outg

 

 

 

 

 

 

A Web Proxy client is a client application or computer that sends requests to either of the following:

  • Port 80 on an ISA Server computer.
  • The port on which ISA Server listens for outgoing Web requests from the network in which the client computer resides. By default, ISA Server listens for outgoing Web requests from clients in the Internal network on port 8080.

Web Proxy clients are typically Web browser applications that comply with HTTP 1.1, and have proxy settings configured to send Web requests to ISA Server. Firewall clients and SecureNAT clients with Web proxy settings configured also make Web requests as Web Proxy clients.

You enable the ISA Server default Internal network, and user-defined internal and perimeter networks, to listen for requests from Web Proxy clients. You configure network properties to be applied to all Web Proxy clients in the network. For Web browsers that are not running on computers installed with Firewall Client software, these settings are applied when the Web browser is enabled for automatic detection, or when the Web browser is configured with the location of an automatic configuration script.

Configuring Browser Settings for Web Proxy Clients

 

The following table summarizes Web browser settings that can be applied to Web Proxy clients.

Setting Location in ISA Server Management Details

Enable Web Proxy client connections for this network

On the Web Proxy tab of the network properties page

Enables a network to listen for requests from Web Proxy clients.

Bypass proxy for Web servers in this network

On the Web Browser tab of the network properties page

Specifies that the Web browser should directly access resources located in its own network.

Directly access computers specified in the Domains tab

On the Web Browser tab of the network properties page

Specifies that the Web browser bypass the proxy for destinations specified on the Domains tab of the network properties page.

Directly access these servers or domains

On the Web Browser tab of the network properties page

Specifies a list of domains and addresses that bypass the proxy. You can enable this setting in addition to bypassing the domain list specified on the Domains tab. Any destinations added to this list should be specified with both the IP address and FQDN, or the FQDN only. For example, to configure the Internal network for direct access, add the IP address range of the Internal network, and the Internal network domain name.

The specified list of IP address ranges, computers, and site URLs for direct access is sent to the Web browser in the automatic configuration script when the browser makes a request to ISA Server—either using a WPAD call (\http://wpad.dat) to locate ISA Server, or using a call to the automatic configuration script location (by default, http://ISAServer_Name:8080/array.dll?Get.Routing.Script).

 

 

 

 

 

 

Web Proxy Filter in ISA Server 2006 works at the application level on behalf of clients residing in networks protected by ISA Server that request HTTP and HTTPS objects. Such Web requests benefit from application-layer inspection and caching, and may be from a number of sources:

  • Requests from Web Proxy clients. Web requests (HTTP, HTTPS, or FTP for downloads) from Web Proxy clients that specify ISA Server as a proxy server in browser settings are passed directly to Web Proxy Filter.
  • Requests from SecureNAT or Firewall clients not configured as Web Proxy clients. By default, HTTP is bound to Web Proxy Filter. With this setting in place, Web requests from clients that are not Web Proxy clients are passed transparently from the Firewall service to Web Proxy Filter for handling. This is known as transparent NAT. Applying NAT substitutes a global IP address that is valid on the Internet for the internal IP address of the client request, thus protecting internal addresses.

 

 

 

 

(责任编辑:admin)
织梦二维码生成器
顶一下
(0)
0%
踩一下
(0)
0%
------分隔线----------------------------
发表评论
请自觉遵守互联网相关的政策法规,严禁发布色情、暴力、反动的言论。
评价:
表情:
用户名: 验证码:点击我更换图片