There is an IP range outside of our LAN that we need users to be able to reach without going through ISA.
I have tried adding the *.domain.com and domain.com the "Domains" tab of Internal network properties.
I have also gone to the Web Browser tab and checked all the bypass and "directly access" check boxes and added *.domain.com and domain.com and the ip range there.
Despite this, clients are still being routed through ISA. The reason I can tell is when I have the proxy disabled for the client, the client reaches the site with no issues. When I enable the proxy, there is an error that says:
Failed Connection Attempt PROXYSERVER*** 1/25/2013 10:07:03 AM
Log type: Web Proxy (Forward)
Status: 10061 No connection could be made because the target machine actively refused it.
Rule: [Enterprise] Allow All Users Internet Access
Source: Internal (xxxxxxxxxxxxxx)
Destination: External (xxxxxxxxxxxxxx:80)
Request: GET http://xxxxxxxxxxx.net/slash
Filter information: Req ID: 0cbc7814; Compression: client=No, server=No, compress rate=0% decompress rate=0%
Protocol: http
User: anonymous
So the receiving host sees the traffic coming from the proxy and actively blocks it when the proxy is enabled in the browser and lets it connect when the proxy setting is unchecked in the browser.
We have not required users to go through the proxy yet because we have to get these types of issues fixed first.
Is there another setting needed to "really" bypass the proxy?