FW_H_CreateWebListen

  • Article

To create a Web listener

  1. In the console tree of ISA Server Management, click Firewall Policy.

  2. On the Toolbox tab, click Network Objects.

  3. On the toolbar beneath Network Objects, click New, and then click Web Listener.

  4. In the New Web Listener Wizard, follow the on-screen instructions.

Note

For more information about authentication in ISA Server, see Authentication Concepts in ISA Server 2006 on the Microsoft ISA Server TechCenter Web site (https://www.microsoft.com).
To open ISA Server Management, click Start, point to All Programs, point to Microsoft ISA Server, and then click ISA Server Management.
For ISA Server 2006 Enterprise Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Arrays, expand Array_Name, and then click Firewall Policy.
For ISA Server 2006 Standard Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Server_Name, and then click Firewall Policy.

Important

To enable single sign-on (SSO), on the Authentication Settings page of the wizard, select HTML Form Authentication. The next page of the wizard allows you to enable SSO and provide the SSO domain name.
When enabling SSO, be sure to provide a specific SSO domain. Providing a generic domain, such as .co.uk, will allow the Web browser to send the ISA Server SSO cookie to any Web site in that domain, creating a security risk.
If you allow users to connect to ISA Server over HTTP, and then direct that traffic over HTTPS to a published server, ISA Server will translate HTTPS links to HTTP, which has security implications. This is an issue for a Web listener that listens on HTTP, or on HTTP and HTTPS. We recommend that when ISA Server is configured to direct traffic to a published server over HTTPS, that the corresponding Web listener be configured to listen only on HTTPS.
A publishing rule with a Web listener that uses a specific form of credential validation must use a user set that is consistent with that form of validation. For example, a publishing rule with a Web listener that uses LDAP credential validation must also use a user set that consists of LDAP users. It cannot include Active Directory users.