By pass ISA/TMG server- Part1

Issue : Web proxy clients trying to by pass the ISA Server in order to access Some websites directly are not able to by pass the ISA/TMG server and are sending requests through it.

Scenario:

ISA server is configured with web browser direct access list in the internal network properties. Here name of the domains are configured e.g.

*.abc.com

*.xyz.com

and this list has ip address ranges as well e.g.

1.2.3.0-1.2.3.50

and the names of the websites do not have their corresponding IP address in the list. So we have a direct access list which has both website names and ip addresses . But the websites names in the list do not have the corresponding ip addresses. Ip addresses mentioned are not for the domain names(websites mentioned in the list).

Users when they try to access www.abc.com are not able to bypass the ISA/TMG server and requests are going through the ISA/TMG server.

Solution: In such scenario we shall configur the website domain name entry in the direct access list as *.abc.com/* and we should be able to bypass the ISA/TMG server.

In Part2 ,I will discuss why you are still not able to BY Pass the ISA/TMG server,even if you followed above instructions on the ISA server,

Reference : https://support.microsoft.com/kb/920715 this article although for ISA 2004 but concept is same with ISA 2006 and TMG 2010.