You are on page 1of 31

Share internet v i Microsoft Internet Security and Acceleration Sever (ISA Server)

I. L i gi i thi u Microsoft Internet Security and Acceleration Sever (ISA Server) l phn mm share internet ca hng phn mm ni ting Microsoft, l bn nng cp duy nht (tnh n thi im ny) t phn mm MS Proxy Server 2.0. C th ni y l mt phn mm share internet kh hiu qu, n nh, d cu hnh, firewall tt, nhiu tnh nng cho php bn cu hnh sao cho tng thch vi mng LAN ca bn. Tc nhanh nh ch cache thng minh, vi tnh nng lu Cache vo RAM (Random Access Memory), gip bn truy xut thng tin nhanh hn, v tnh nng Schedule Cache (Lp lch cho t ng download thng tin trn cc WebServer lu vo Cache v my con ch cn ly thng tin trn cc Webserver bng mng LAN). Trong khun kh bi vit ny ti s tp trung vo nhng tnh nng quan trng bn c c th cu hnh phng my ca bn sao cho tc chp nhn c, s dng c tt c cc dch v ca nh cung cp. Bn c th tm hiu thm nhng tnh nng trn website http://www.isaserver.org hay http://www.microsoft.com/isaserver II. C u hnh t i thi u c a my Sever My Tnh: Pentium II 300Mhz, 256MB RAM tr ln. H iu hnh: Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server v i Service Pack 1 tr ln hay Microsoft Windows 2000 Datacenter v cc partition phi nh dng theo NTFS. III. C u hnh m ng LAN (Local Area Network) Mng LAN nn cu hnh theo IP tnh.(tt c cc my u gn mt a ch IP v Subnet mask) IV. Ci t ISA Server Bn tm tp tin Setup trong phn mm ISA ci t, sau khi kch hot tp tin bn chn Continue, ri chn ng dn ca chng trnh tip tc ci t, bn nhp cdkey ca ISA. (hnh 1)

hnh 1

Click OK, chn Agree ci t, bn chn Full Installation. (hnh 2)

hnh 2

Sau khi kim tra cc thng s ca h thng nu h iu hnh ca bn ci theo Workgroup th th ISA s xut hin ca s thng bo bn ch ci theo

chun Stand-alone server cn h iu hnh ca bn ci theo Domain th bn cng chn ch ny, bn chn Yes. (hnh 3)

hnh 3

Ca s tip theo xut hin cho php bn chn mt trong ba ch : Firewall mode, Cache mode, Intergrated mode, bn chn Intergrated mode, Click Continue. (hnh 4)

hnh 4

ISA s stop dch v IIS (Internet Information Services), nu mun s dng dch v ny bn c th cu hnh li sau khi ISA ci t hon tt. (hnh

5)

hnh 5

Ca s tip theo s cho bn qui nh dung lng Cache ca ISA. ISA khng gii hn dung lng ca cache nn bn c th Set cng nhiu cng tt, ty theo dung lng cng ca bn nhiu hay t, bn nn chn partition khc vi patition ci t H iu hnh v phn mm ISA v phi format theo NTFS, bn nhp dung lng Cache vo Cache Size(MB) ri click vo nt Set, sau click OK. (hnh 6)

hnh 6

Ca s tip theo xut hin ca ISA l yu cu to bng LAT(Local Address Table). d qun l cho vic truy xut ca my con (client), ISA da vo bng ny , nu cc my con khng thuc lp IP ca mng LAN th ISA khng cho php truy cp ra ngoi. Lc ny bn nhp s IP theo qui nh ca mng LAN ca bn. Gi s s IP ca mng LAN ca bn nh t 192.168.205.1 tr i th trong From bn phi nh l 192.168.205.0 v To bn phi nh l 192.168.205.255. (hnh 7)

hnh 7

Click Add to LAT, click OK hon thnh qu trnh ci t ISA. Sau khi hon tt qu trnh ci t ISA, chng at bc snag bc config n c th s dng c.
Conifg ISA th n c nhiu cch config khc nhau, ti xin trnh by vi cc bnn cch config ca mnh, c th n cn nhiu hn ch cc bn c th gp thm.

Sau khi ci t xong, cc bn m ca d ISA mangement ra, cc bn c hnh nh bn di.

my ch v my con c th s dng cc dch v ca web cc bn lm cc bc sau

Cc bn lp li t hnh th hai n hnh th by thay th http bng https. Xong mt bc, chun b chuyn sang bc th haiBy gi cc bn thm port 80 v 443 mc Ip Packet Filter

Lp li t hnh hai n hnh by vi port 443 v thay th http bng https Sau khi thm hai port ny n s xut hin nh hnh, kim tra th cc bn c nh sau

Port 443

Port 80

Ok, dy l cc bn hon tt mt qu trnh. Chuyn sang bc khc nhen cc bn yahoo c th chat voice v webcam cc bn ln lt thm bn port sau mc Protocol Definitions : cc port l 5000, 5050,5100,5001 . Hnh nh minh ho di y l cch thm mt port 5000, cc bport cn li cc bn lm tng t nhen.

Ok dy l xong. sang bc tip theo By gi cc bn set cache v active n nhen

Bc tip theo l lu cache cc trang web cc bn mun lu nhen, cc bn nn lu nhng trang tht thng dng m khch thng vo y. y mnh cho lu trang www.mail.yahoo.com cn cc trang cn li cc bn lm tng t nhen

To Report jobs

Ok ! vy l mnh lm xong phn config ser ver cn phn confg cilent th n gin thi m Sau khi ci t xong, ISA t ng to th mc share c tn l mspclnt trn my ch. T my con bn vo Network Neighborhood(Win9x,WinME), My Network Places(WinXP,Win2000). Bn phi to mt user c quyn Log on vo my ch cho cc my con. Sau khi Log vo my ch bn vo th mc mspclnt ri tm tp lnh c tn l MS_FWC ci t phn mm Microsoft Firewall Client (MFC) cho cc my con Ch : Bn khng nn ci MFC ln my ch.

Qu trnh ci t kt thc trn my con s c thm mt biu tng trn thanh taskbar v Control Panel. Biu tng c hnh cu mu xanh l cy th Micorsoft Firewall Client (MFC) ang hot ng bnh thng, nu biu tng c chm trong vng trng th MFC b disable v icon c chm bn trong c mt vt trng th MFC c mt, hai hay tt c cc dch v trn internet khng th s dng c. cho ngi s dng khng vo v chnh nhng thng s ca MFC bn double click vo biu tng ri b chn vo mc Show firewall Client icon on taskbar.

ISA client ang hot ng

ISA client ang disable

ISA client ang b li Ok dy l xong ht, hic hic hic. may w cui cng cng xong.

V i d ng n i th m v ISA

Hng dn s dng Microsoft ISA 2000 Server 1. Gii thiu v phn mm ISA 2000 Server ISA 2000 Server l phn mm mi nht ca Microsoft c s dng thay th cho phn mm Proxy Server 2.0 v c tch hp thm chc nng bo mt (Firewall) Cc chc nng chnh ca ISA 2000 Server: - Truy nhp Internet tp trung (Proxy): cho php nhiu user t nhiu trm lm vic c th ng thi truy nhp Internet qua mt mi ni kt

chung t mt my ch Proxy - Tc dng ca Proxy: + Tng tc truy nhp Internet nh s dng cache (b m lu tr). Cache s lu li ni dung cc trang Web c truy nhp vo my ch Proxy, ln truy nhp k tip, khi user mun xem thng tin t trang Web th s ly thng t cache ca Proxy Server m khng cn vo Internet na, do vic kt ni c din ra nhanh hn v vn thc hin c ngay c trong trng hp Proxy Server b ngt kt ni vi Internet (offline) + Qun l c vic truy nhp Internet: cho php ch nhng user c quyn hp l th mi c truy nhp Internet qua Proxy, nhng user khc s khng c php s dng Proxy. Ngoi ra, cn c th qun l vic truy nhp Internet theo cc Web site nht nh, tc l ch ra nhng Web site no th khng c php kt ni, hoc ch nh user ch c kt ni trong khong thi gian no trong ngy,do tn dng c ti a bng thng (bandwidth) v hn ch tc nghn khi qu nhiu ngi truy nhp ng thi. - Bo mt mng cc b: ngn chn nhng truy nhp tri php t bn ngoi vo mng cng ty. Nhng truy nhp c Firewall xc nhn l hp l th mi c php. Tc dng ca Firewall: Ngn chn truy nhp t bn ngoi vo mng cng ty hoc t bn trong ra mng cng cng. Vic ngn chn c thc hin qua vic hn ch nhng giao thc c s dng truy nhp (HTTP, FTP, Telnet, ICMP) 2. Hng dn ci t c th ISA 2000 Server - Chy Setup.exe t th mc cha b ci t ISA 2000 Server - Ti mn hnh khi ng setup, chn Continue - Nhp CD-Key i km theo ISA 2000 Server vo, Nhn nt OK - Chn Agree - ISA s cho php la chn cc hnh thc ci t, c 3 hnh thc: Typical installation, Custom installation v Full installation. Thng thng chn Typical installation. - Tip theo ISA s cho php la chn cc ch ci t Firewall mode: nu ch mun ci ch bo mt cho mng ni b Cache mode: nu ch ci ch cho php qun l truy nhp Internet tp trung (qua Proxy Server) Integrated mode: nu mun tch hp c hai ch Firewall v Proxy - Nhn nt Continue - Setup thng bo l tm thi ngng cc dch v lin quan, nhn nt OK nu c hi. - Tip theo bn phi la chn mt phn vng (partition) trn a cng

cha Cache (ni lu gi cc Web site truy nhp tng tc cho cc ln truy nhp tip theo). ISA yu cu phn vng ny phi c nh dng di NTFS. - Kch thc Cache ngm nh ca ISA Server t ra l 100 MB. Nu mun thay i th bn a kch thc mi vo Cache size (MB). Chn Set chp nhn kch thc mi ny. - Nhn nt OK - Tip theo ISA s yu cu bn nhp vo mt dy a ch ca mng ni b ca bn. Phi lm nh vy ISA cn phn bit c u l mng ni b (internal hay private), u l mng cng cng (external hay public). Dy a ch ny c ngha: nhng trm lm vic no c a ch thuc dy ny th s c coi l cc b, cn nhng truy nhp no xut pht t nhng trm c a ch khng thuc dy ny th c coi l cng cng. - Hy nhp dy a ch mng cc b ca bn bng cch ch nh a ch u tin v a ch cui cng ca dy. Nu mng ca bn c nhiu dy a ch, hy nhp ln lt tng dy mt, sau chn Add dy c a vo hp Internal IP ranges. Trong v d ny, ti a vo 2 dy a ch: 192.168.120.1 192.168.120.254 v 10.0.0.1 10.0.0.254. Lu rng cc dy a ch ny phi cha c a ch ca my ISA 2000 Server - Nhn nt OK, v ch mt lt Setup khi ng li cc dch v lin quan. - B chn Start the ISA Server Getting Started wizard - Nhn nt OK tip kt thc qu trnh ci t. 3. nh cu hnh v qun tr ISA 2000 Server Sau khi ci t xong, Windows s t ng thm mc Microsoft ISA Server trong Program ca menu Start. Chn ISA Management khi ng chng trnh qun tr ISA Server. 3.1. Xc lp cng truy nhp i vi cc truy nhp t bn trong hoc bn ngoi Vic u tin cn lm l xc lp cc thit nh v cch truy nhp i vi nhng truy nhp t ngoi hoc t bn trong - Nhn nt phi chut vo tn Server ca bn, chn Properties vo trang Server Properties. - Hai mc quan trng nht cn xem xt l Incoming Web Request v Outgoing Web Request Incoming Web Request: ch nh r l khi c yu cu cn truy nhp t bn ngoi vo th hng truy nhp ti cng TCP s my. Thng thng, y l cng s 80 v 80 l cng ngm nh cho giao thc HTTP, khi mi ngi t bn ngoi mun truy nhp vo Web Server ca bn, th

80 l cng ngm nh cho HTTP v trnh duyt s t ng hng truy nhp ti cng 80 ny. Nu thay i con s ny, th nhng ngi bn ngoi s khng th truy nhp vo Web Server ca bn v khng bit phi ti cng TCP s bao nhiu. Outgoing Web Request: ch r l khi c yu cu truy nhp t bn trong mng ni b ra Internet th s hng truy nhp ny ti cng bao nhiu trn ISA Server. Con s ny do bn t nh ra, c th t 1-65535 nhng khng c trng vo nhng cng c s dng. Bn phi nh con s ny khi thit lp Proxy cho trnh duyt Internet ca cc my trm. Trong v d ny chng ti s dng cng 8080. 3.2. Qun l cc dch v ca ISA Server Sau khi t cng truy nhp, vic tip theo l qun l cc dch v m ISA Server cung cp. M rng tn Server ca bn, chn Monitoring, Services v bn s thy khung bn phi tn cc dch v m ISA Server 2000 cung cp. Bn c th bt/tt cc dch v ny bng cch chn tn dch v ri chn Stop a Service hoc Start a Service bn di. Microsoft yu cu l i vi mt s phn mm nht nh (SQL Server, Clustering Service, ISA Server) th mun bt tt dch v th phi s dng cc chc nng qun l dch v ngay trong chng trnh , khng c s dng cch bt tt theo li thng thng trong mc Services ca Windows. - Cc chc nng ca ISA Server ch hot ng khi dch v tng ng ca chng ang trng thi running nh bn thy hnh trn 3.3. Qun l, cp php v hn ch truy nhp Cng vic qun l v thit lp cc ch cp php v hn ch truy nhp c tp trung ch yu ti mc Access Policy. Trong mn hnh ISA Management, m rng mc Access Policy v bn s thy cc thnh phn nh sau: + Site and Content Rules + Protocol Rules + ISP Packet Filters 3.3.1. Site and Content Rules To ra cc quy tc (Rule) p dng cho mt nhm i tng (user) no , c truy nhp ti nhng Web site no (destination), xem nhng ni dung g (Content), trong khong thi gian no (schedule) to ra mt quy tc, bn chn mc Site and Content Rules, khung bn phi, chn Create Site and Content Rule. V d nh sau: - Chn Create Site and Content Rule. - Trong hp Welcome, chn mt tn cho quy tc ny. VD l Deny www.vnn.vna> .Bn c th chn bt k tn no cho ph hp vi

ni dung ca quy tc. - Nhn nt Next - Trong hp Rule Action, chn Deny ri nhn Next - Trong hp Destination Sets: Hp Apply this rule to, chn Specified Destination Set Hp Name, chn Deny www.vnn.vn (y l mt name do ti t t ra theo thch, lt na ti s hng dn cc bn to ra n. Khi bn to trc nhng th nh vy, th trong hp Name mi xut hin chng. - Nhn nt Next - Trong hp use this Schedule, chn Work hours - Nhn nt Next - Trong hp Client Type, chn Specific users and groups - Nhn nt Next - Trong hp users and groups, Nhn nt Add - Trong hp Select user and Groups, chn tn user hoc group m bn mun p dng quy tc ny. VD: username=test - Nhn nt OK v Next cho n khi Finish Nh vy, bn to ra mt quy tc kim sot truy nhp vi ni dung nh sau: Khng cho (deny) ngi s dng test (username=test) truy nhp vo trang web www.vnn.vn (Specified Destination Set) trong gi lm vic (work hours) By gi chng ti s gii thch c th tng hng mc trong vic to ra mt quy tc mi. Cc bn hy quay li tng bc nh hng dn trn xem cc thao tc. - Bc 1 (Welcome), hy chn cho quy tc ny mt ci tn gi nh cho chng ta ni dung ca quy tc ny - Bc 2 (Rule Action), hy chn kiu p dng quy tc. Nu bn chn Allow, tc l khi tho mn iu kin th cho php truy nhp, cn nu chn Deny tc l khi tho mn iu kin th t chi truy nhp - Bc 3: (Destination sets): p dng quy tc ny cho nhng truy nhp ti nhng ni no. Nu chn All destination, tc l p dng quy tc i vi tt c cc truy nhp i ti bt k u Nu chn All internal destination, tc l ch p dng quy tc i vi nhng truy nhp ti nhng my ni b trong cng ty, khng p dng cho nhng my cng cng trn Internet Nu chn All external destination, tc l ch p dng quy tc i vi nhng truy nhp ti nhng my cng cng trn Internet, khng p dng cho nhng my cc b.

Nu chn Specified Destination Sets, tc l bn t ch ra nhng my no l thuc phm vi p dng ca quy tc, tc l bn t nh ngha mt s my no qun l vic truy nhp ti. Nh v d trn, chng ti chn my www.vnn.vn. - Bc 4 (schedule): p dng quy tc ny trong khong thi gian no (Always: lun lun c p dng; week ends: p dng vo cui tun; work hours: p dng trong gi lm vic). Thc ra, cc week ends hay work hours l nhng ci do Microsoft t lm sn ra, bn c th hon ton nh ngha li hoc to ra ci khc theo mnh trong cc phn sau. Chng hn, bn nh ngha work hours (gi lm vic) l t my gi n my gi, week ends (cui tun) l th by hay ch nht hoc to ra khong thi gian no theo bn. - Bc 5 (client type): p dng quy tc ny i vi nhng user hay trm lm vic no. Nu chn Any request, th quy tc ny s c s dng kim sot truy nhp t tt cc cc user v trm lm vic trong mng ni b Nu chn specific computer, th quy tc ny ch p dng cho nhng truy nhp xut pht t nhng trm lm vic thuc mt di a ch ISP no Nu chn Specific users and groups, th quy tc ny ch p dng cho nhng truy nhp xut php t nhng ngi s dng hay nhm ngi s dng no . 3.3.2 Protocol Rule Cng l bin php kim sot truy nhp nhng khng da trn kim tra l truy nhp s ti u (khng kim tra destination) m s kim tra giao thc m vic truy nhp s s dng. Cc bc nh sau: - Bc 1: To ra 1 quy tc bng cch chn Create a Protocol Rule for Internet Access, chn mt ci tn cho quy tc ny. Nhn nt Next. - Bc 2: Chn loi protocol m trn bn mun p dng quy tc ny. Nhn nt Next. - Bc 3: chn loi Schedule (always, week ends, work hours hay do bn t nh ngha). Nhn nt Next. - Bc 4: Chn loi Client ging nh phn trn. Nhn nt Next. Lu : - y l chn cc giao thc thng dng cho vic truy nhp trn Internet. Nu bn mun p dng cho nhiu loi giao thc khc na th bc 1 bn phi chn Create a Protocol Rule ch khng phi l Create a Protocol Rule for Internet Access. - Trong cc mc ca Access Policy, khung bn phi thng c 3 chc nng chnh hay dng: Create (to ra quy tc), Delete (xo quy tc ) v

Configure (thay i cc xc lp trong quy tc ) - Trong mc General ca mi quy tc, c hp chn Enable. Phi kch chn hp ny th quy tc mi c p dng 3.4. To ra cc thit lp nh trc Khi s dng ISA Server, chng ta c php nh ngha trc mt i tng no khi to ra cc Access Policy th s ly ra dng lun c. V d nh bn nh ngha trc mt s trang Web no b cm khng vo c, nh ngha mt nhm my tnh thuc mt di a ch no s cng c p dng mt quy tc, nh ngha cc di thi gian cho php hoc t chi truy nhp trong khong thi gian . C 3 hng mc thng c s dng trong phn ny - Schedules - Destination Sets - Client Address Sets 3.4.1. Schedule Chn Schedule, nhn nt vo Create a schedule khung bn phi to mt khong thi gian mi. - Nhp vo mt tn nhn bit khong thi gian mi ny. VD: Ngay nghi - Trong ghi cc ngy trong tun, r con tr chut ko ht vng t Monday n Friday, ri chn Inactive. Kt qu s nh hnh sau: - Nh vy, bn t nh ngha Ngy ngh l ngy th by v ch nht. Tt nhin, ta c th nh ngha theo mt khong thi gian bt k trong ngy theo thch. V d, ta c th nh ngha Gio lam viec l t 8 gi sng n 5 gi chiu t th hai n th su trong tun: 3.4.2. Destination sets - Chn Destination sets khung bn tri, ri chn Create a destination set khung bn phi to mt phm vi vng cc ni s truy nhp n - Nhp vo mt tn nhn bit, chng hn Web sites in USA nh ngha nhng trang Web nm trn my ch M. - Chn Add a ni dung vo vng ny. - Ta c th ch ch danh tn domain name ca Web site hoc dy a ch ca cc Web site. - Nhn nt OK nhp tn domain name ca Web site vo danh sch. Nu cn thm nhiu Web site khc, bn c dng Add thm cc web . - Nh vy bn c danh sch cc web site nh trn s thuc vo mt destination set tn l Web sites in USA. - C th ch nh cc Web site bng a ch ISP nh sau: Bn cnh nt Add, bn c th s dng cc nt Edit v Remove sa i hoc xo cc mc trong danh sch

3.4.3. Client address sets - Chn Client address sets khung bn tri, chn Create a client set khung bn phi - Chn mt tn nhn dng cho phm vi a ch, chng hn Phng Kinh doanh - Nhn nt Add a a ch ISP vo dy, chng hn ti dng di a ch 172.16.30.1 172.16.30.254 - Nu b phn ny c a ch thuc nhiu di khc nhau th bn c th thm tng di mt bng cch chn Add, nu mun sa i hoc xo cc di ny th s dng Edit hoc Remove Nh vy ta va nh ngha b phn Kinh doanh ca Cng ty s c di a ch nh trn. Sau ny khi cn p dng cc quy tc vi b phn ny ta ch vic chn tn b phn . 3.5. nh cu hnh B m tr d liu (Cache) Nh ni phn u, b m tr d liu l thnh phn quan trng ca dch v Proxy, n cho php ta dnh mt phn kch thc a lm vng lu tr cho nhng thng tin c ti xung t Internet khi c mt trm lm vic truy nhp vo Internet qua Proxy Server. Thng tin lu tr ny s c s dng khi c mt trm lm vic cng yu cu ng loi thng tin nh vy v Proxy Server s gi hi p da trn nhng thng tin m n cache li, nh vy lm vic ly thng tin t Internet s nhanh hn rt nhiu. iu ny cng c bit hu ch khi Proxy Server b ngt kt ni vi Internet (offline). 3.5.1. Thay i kch thc cache - Trong khung ISA Management bn tri, chn Cache Configuration - Trong khung bn phi, bn nhn thy tn Server dng lm Proxy, kch thc Cache, tng s phn vng NTFS cn trng. - thay i kch thc cache, bn chn vo tn server, ri chn Configure cache size - a kch thc cache mi vo Maximum cache size, chn Set chp nhn kch thc ny. Nhn nt OK kt thc - Lu rng phi t cache trn mt phn vng c nh dng theo NTFS v nn t trn mt phn vng c lp vi vng cha h iu hnh ti u vic c thng tin t cache. 3.5.2. nh cu hnh cache - nh cu hnh cache, trong khung bn phi, bn chn tn server ri chn Configure cache policy. - y l hin th thng tin v dung lng cache ca Proxy - Chuyn sang khung HTTP - nh du chn vo enable HTTP Caching, vic ny cho php bn cache cc Web site c truy nhp

- Cc hnh thc cp nht thng tin trong cache (c 4 chn trong hp): - Frequently: thng tin trong cache s c cp nht thng xuyn lin tc v khi khng c ai truy nhp thng tin na, n lp tc s b xo khi cache. Vic ny s tng lu lng thng tin gia proxy vi Internet v Proxy thng xuyn phi ly thng tin mi nht t Internet v. - Less Frequently: thng tin trong cache s t c cp nht t Internet hn. Nh vy s gim c lu lng gia proxy vi Internet nhng nu trn Internet c thng tin mi nht th n s khng c cp nht ngay lp tc. - Normally: mc bnh thng, vic cp nht s gia mc Frequently v Less Frequently. - Set Time to Live (TTL) of object in cache to: T quy nh mt khong thi gian no m ni dung cache c th tn ti, ht khong thi gian ny th proxy phi kt ni cp nht thng tin. - Chuyn sang FTP - Cng c mc ch ging HTTP nhng i tng c cache l cc file nm trn cc FTP server. - Chuyn sang Active Caching - Active l mt hnh thc cp nht ng, n t nh gi, phn tch qu trnh truy nhp cc Web site hoc FTP site v tm ra nhng thng tin no hay c truy nhp nht v t ng cache li nhng thng tin ny. Cng c 3 mc Frequently, Normally v Less Frequently nh gii thch trn. - Chuyn sang trang Advanced - Trang ny c hai quan trng thng s dng Do not cache object larger than: ch ra kch thc ti a c th cache c ca mt i tng no , tc l nu i tng c kch thc ln hn ch nh trong ny, n s khng c cache. Cache dynamic content: lu li c nhng thng tin c lin quan n trang Web c truy nhp. Thng thng, trong mt trang Web bao gi cng c nhng ni kt ni b trong phm vi th mc o, cc hyperlink, bookmark Nu ta nh du ny th cc thng tin cng c cache li. 3.6. Cu hnh cc thng tin lin quan n dch v mng. Trong ISA Management, chn Network Configuration 3.6.1. Proxy Server c kt ni trc tip vi Internet hay thng qua mt Proxy Server khc Kt ni trc tip l Proxy c mt interface ni vi Internet, n thay mt cc client trong mng gi v nhn thng tin t Internet. Kt ni gin tip l Proxy khng c interface trc tip vi Internet m kt ni vi Internet thng qua mt proxy server khc. Theo cu hnh

ngm nh lc ci t, th coi proxy ny l c kt ni trc tip vi Internet. thc hin kt ni gin tip vi Internet qua mt proxy server khc, ta lm nh sau: - Trong khung bn tri ca Network Configuration, chn Default Rule (thc ra bn c th to ra cc rule khc nhng v y l trng hp n gin nn c th s dng lun default rule ca ISA) - Nhp i chut vo Default rule - Trong hp Action, chn Routing them to a specified upstream server ( Retrieving them directly from the specified destination c dng trong trng hp kt ni trc tip vi Internet) - Chn Setting - Trong hp Server or array, a tn hoc a ch ISP ca Proxy server m bn mun kt ni thng qua n. - Trong hp Port, a s hiu cng m Proxy ch nhn thng tin. - Chn kiu Authentication l Basic. - nh du chn vo use this account v nhn nt vo nt Set Account (account ny l account c quyn truy nhp vo Proxy server cp trn v phi c proxy server cp trn ny xc nhn) - Nhp tn v mt khu hp l vo, nhn nt OK. - Nhn nt OK hon tt config. 3.6.2. Thay i di a ch Local Nh ni phn u, khi ci ISA Server 2000, s yu cu a vo mt bng a ch cc b (LAT), v ISA s cn c vo dy a ch ny xc nh xem mt trm lm vic c phi l thuc mng ni b hay khng v c chu qun l ca ISA hay khng. Bng LAT ny c th gm nhiu di a ch khc nhau v c th thay i, thm bt bng cch s dng nhnh Local Address Table trong mc Network Configuration - khung bn phi s hin th cc di a ch trong bng. - thm vo mt di a ch, chn Local Address Table, nhp phi chut, chn New, chn LAT entry. - Hp thoi sau hin ra: - Nhp a ch u v a ch cui ca di vo cc tng ng, trong hp description, a vo mt ci tn d nhn din. - Nhn nt OK to di mi ny. - xo, thay i ni dung mt di a ch, chn di khung bn tri, nhp phi chut. - Nu mun xo, chn Delete - Nu mun sa i ni dung, chn Properties 3.7. nh cu hnh trnh duyt Internet (Browser) ca cc my trm.

cc my trm c th s dng c dch v proxy, th phi t cu hnh ca trnh duyt trn my trm ny theo a ch ISP v s cng tng ng ca my ch Proxy. - Khi ng Internet Explorer trn my trm - Trn menu Tools, chn Internet options - Chn trang Connection, chn tip LAN Settings - nh du vo Use a Proxy server - Trong mc Address, a a ch ISP ca Proxy server, trong hp port, a s cng m Proxy ch nhn yu cu Proxy. - Nu mun b qua Proxy khi truy nhp ti nhng web site trn mng ni b, nh du vo Bypass proxy server for local address. - Nhn nt vo Advanced. - nh du vo Use the same proxy server for all protocols dng mt my proxy cho chung tt c cc giao thc. - Nu mun khng dng Proxy cho mt s web site no (tc l c th c kt ni cc b ngay ti my trm, th lit k cc Web site trong Exception, gia cc Web site ngn cch vi nhau bi du chm phy B i vi t t ng h p