Stefaan Pouseele

How to Implement VPN Off-Subnet IP Addresses

In his article about VPN client security – Part 1: Split Tunneling Issues, Tom Shinder talks about the use of off-subnet IP addresses to improve the safety of your internal network by assigning the VPN clients off-subnet IP addresses. In this short article I will show you how to implement off-subnet IP addresses without having the limitation you can't use DHCP assigned IP addresses for the VPN clients.

The Mystery of the HTTP Redirector and Site&Content Rules

You have created that huge destination set in order to block malicious sites. You think it is working great because Web Proxy clients can't access those sites. However, someday you discover that Firewall and SecureNAT clients still have access to those sites, despite the fact there is a proper Site&Content rule in place. If you want to know why this can happen, read on.

Understanding the Firewall Client Control Channel

One of the least understood, and more feared aspects of ISA Server is the Firewall client. While Jim Harrison did a great job of explaining how the Firewall client .ini files works, there is little documentation on how the Firewall client talks to the ISA Server. In this article I show you the insides of the Firewall Client Control Channel.

Scroll to Top