We have 2003 domain and our isa server is a member server in that domain. Also, we have a DC that is also a DNS server. suddenly, our firewall access rules are not working even though the system and application event logs are not reporting anything in our isa server. for example,,i had a group of Active directory users that is scheduled to access the internet only from 1:00pm-3:00pm,,but i found out that they can access the net at all time...what is the reason...please.

1. This is a topic for the special Forefront TGM and ISA forum here: http://social.technet.microsoft.com/Forums/en-US/Forefrontedgegeneral/threads or http://forums.isaserver.org/ 2. Either was you server compromised, or there is (error)/(configuration change) in ISA server. What you see in the monitoring? Double check the services and dependent services namely those the ISA rely directly. Inspect your log and see for unusulal access record. To troubleshoot ISA logs use appropriate tool http://www.redline-software.com/eng/products/iam/internet-access-monitor-for-isa-server/ Regards Milos

Hello, As I see, your ISA Server rules are not well configured. Please enable logging on ISA Server to get more information about the rule that is allowing such access. More if you ask them here: http://social.technet.microsoft.com/Forums/en-US/Forefrontedgegeneral/threads This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner 2010 / 2011 Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows 7, Configuring Microsoft Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations Microsoft Certified IT Professional: Enterprise Administrator Microsoft Certified IT Professional: Server Administrator Microsoft Certified Trainer

1. This is a topic for the special Forefront TGM and ISA forum here: http://social.technet.microsoft.com/Forums/en-US/Forefrontedgegeneral/threads or http://forums.isaserver.org/ 2. Either was you server compromised, or there is (error)/(configuration change) in ISA server. What you see in the monitoring? Double check the services and dependent services namely those the ISA rely directly. Inspect your log and see for unusulal access record. To troubleshoot ISA logs use appropriate tool http://www.redline-software.com/eng/products/iam/internet-access-monitor-for-isa-server/ Regards Milos

Hello, As I see, your ISA Server rules are not well configured. Please enable logging on ISA Server to get more information about the rule that is allowing such access. More if you ask them here: http://social.technet.microsoft.com/Forums/en-US/Forefrontedgegeneral/threads This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner 2010 / 2011 Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows 7, Configuring Microsoft Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations Microsoft Certified IT Professional: Enterprise Administrator Microsoft Certified IT Professional: Server Administrator Microsoft Certified Trainer

You need to check your ISA Server configuration, check access rules not overridden with other access rules. For ISA / TMG queries, post here. Thanks

You can use tmg 2010/isa 2006 sp1 traffic simulator for troubleshooting purpose.you can simulate traffic from that perticuler user/group.If is there any conflict in between rules you can find out from the traffic simulator http://technet.microsoft.com/en-us/library/dd897030.aspx Darshana Jayathilake