Test the Access Rules
Now the we have an ISA Server 2004 Access Policy in place, we can test the policy. Perform the following steps to test Access Policy:
1.First, review the Access Policies created on the ISA Server 2004 firewall. In the Microsoft Internet Security and Acceleration Server 2004 management console, expand the server name and click on the Firewall Policy node. Review the Access Rules in the Details pane of the console.
2.Log on to the CLIENT computer as User2. Open the browser and enter www.microsoft.com in the Address bar. Press ENTER.
3.The home page of the Microsoft site appears in the browser. In the Internet Explorer Address bar, enter www.isaserver.org and press ENTER.
4.You will see the MSN search page indicating that the www.isaserver.org page could not be found. You can provide a more informative response to users by redirecting denied requests to an Internet Web server.
5.In Internet Explorer, enter www.msn.com and press ENTER.
6.You see the home page of the www.msn.com Web site. Note that some graphics do not appear on the page because they fall outside the range of sites allowed by the Domain Set we created for the Access Rule.
7.In the Internet Explorer Address bar, enter the URL http://www.msn.com/kaaza. An error page is returned indicating that the HTTP Security filter has blocked the connection. The Signature configured in the HTTP policy for the Access Rule detected that Kaaza was in the URL and blocked the connection attempt.
ISA Server 2004 Configuration Guide | 156 |
