Test the Access Rules
Now the we have an ISA Server 2004 Access Policy in place, we can test the policy.
Perform the following steps to test Access Policy:
1. First, review the Access Policies created on the ISA Server 2004 firewall. In the
Microsoft Internet Security and Acceleration Server 2004 management console,
expand the server name and click on the Firewall Policy node. Review the Access Rules
in the Details pane of the console.
2. Log on to the CLIENT computer as User2. Open the browser and enter
www.microsoft.com in the Address bar. Press ENTER.
3. The home page of the Microsoft site appears in the browser. In the Internet Explorer
Address bar, enter www.isaserver.org and press ENTER.
4. You will see the MSN search page indicating that the www.isaserver.org page could not
be found. You can provide a more informative response to users by redirecting denied
requests to an Internet Web server.
5. In Internet Explorer, enter www.msn.com and press ENTER.
6. You see the home page of the www.msn.com Web site. Note that some graphics do not
appear on the page because they fall outside the range of sites allowed by the Domain
Set we created for the Access Rule.
7. In the Internet Explorer Address bar, enter the URL http://www.msn.com/kaaza. An error
page is returned indicating that the HTTP Security filter has blocked the connection. The
Signature configured in the HTTP policy for the Access Rule detected that Kaaza was in
the URL and blocked the connection attempt.
ISA Server 2004 Configuration Guide 156
