Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

How ISA Server 2006, ISA Server 2004, Microsoft Forefront Threat Management Gateway, Medium Business Edition handles client Web requests and how to bypass network address translation


View products that this article applies to.

Introduction

In Microsoft Internet Security and Acceleration (ISA) Server 2006, ISA Server 2004, or Microsoft Forefront Threat Management Gateway, Medium Business Edition,client Web requests are handled by the Web proxy filter. The Web proxy filter works at the program level on behalf of the following clients:
  • Clients that reside in networks that are protected by ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition
  • Clients that request HTTP and Secure HTTP (HTTPS) objects
Web proxy client requests are passed to the Web proxy filter on client computers that have ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition specified as a proxy server in the browser settings.

This article discusses network address translation (NAT) and how ISA Server 2004, ISA Server 2006, or Microsoft Forefront Threat Management Gateway, Medium Business Edition handles client Web requests. This article also discusses how to disable NAT.

↑ Back to the top


More information

By default, SecureNAT and Firewall clients have the predefined HTTP protocol bound to the Web proxy filter. ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition intercepts Web requests from these clients and passes them to the Web proxy filter for transparent handling. This behavior is known as transparent network address translation (NAT).

NAT substitutes a global IP address that is valid on the Internet for the internal IP address of the client request. This behavior helps protect internal addresses. In some cases, you may not require this transparent NAT behavior.

To disable this setting for SecureNAT and Firewall clients, you must disable the predefined HTTP protocol from the Web proxy filter. For information about how to disable the HTTP protocol from the Web proxy filter, see ISA Server Help or Microsoft Forefront Threat Management Gateway, Medium Business Edition Help.

For more information about how to troubleshoot Web proxy traffic in ISA Server, visit the following Microsoft Web site:

↑ Back to the top


Keywords: KB838368, kbinfo, kbfirewall, kbnat, kbisa2006swept

↑ Back to the top

Article Info
Article ID : 838368
Revision : 7
Created on : 12/4/2007
Published on : 12/4/2007
Exists online : False
Views : 505