To configure authentication method for a Web
listener
In the console tree of ISA Server Management, click
Firewall Policy.
On the Toolbox tab, click Network Objects.
Expand Web Listeners, and then click the applicable Web
listener.
On the toolbar beneath Network Objects, click
Edit.
On the Authentication tab, in Client Authentication
Method, select the applicable authentication method.
Notes
For more information about authentication in ISA Server, see
Authentication Concepts in ISA Server 2006 at the
Microsoft ISA Server TechCenter Web site(http://www.microsoft.com).
To open ISA Server Management, click Start, point to
All Programs, point to Microsoft ISA Server, and then
click ISA Server Management.
For ISA Server 2006 Enterprise Edition, expand
Microsoft Internet Security and Acceleration
Server 2006, expand Arrays, expand
Array_Name, and then click Firewall
Policy.
For ISA Server 2006 Standard Edition, expand Microsoft
Internet Security and Acceleration Server 2006, expand
Server_Name, and then click Firewall
Policy.
Important
These authentication mechanisms can be used simultaneously on a
Web listener: Basic, Digest, Integrated Windows, and client
certificate authentication. When selected, RADIUS, SecurID, or
forms-based authentication methods must be the only authentication
mechanism configured.
When you enable SecurID authentication on a computer running
Microsoft Windows Server 2003, the Network Service
account must have read/write access to the following registry key:
HKLM\Software\SDTI\ACECLIENT.
Kerberos authentication depends upon User Datagram Protocol
(UDP) packets that are commonly fragmented. If your ISA Server
computer or array is in a domain, and you enable the blocking of IP
fragments, Kerberos authentication will fail. For example, if the
computer uses Kerberos for authentication during user logon, logon
will fail. We recommend that you do not enable the blocking of
packets containing IP fragments in scenarios where Kerberos
authentication is used.
Get latest ISA
Server content at ISA Server
Guidance(http://www.microsoft.com/).
Send
feedback about this page.