Ever had the feeling you need to find another profession :)
Well its time to ask some experts ......
I have a fairly simple setup ......
Exchange 2003 FE Server to Exchange 2003 BE Server .....
Everthing was working fine with a direct connection (Port 443 ) only to the servers.
Some bright spark (me) decided we needed an ISA 2006 (logging etc etc).
So I armed with my external SSL Ceritifcate ehich was exported from the Exchange 2003 FE Server I did the following ...
1) Removed Forms Based Authentication from the FE Server and rebooted.
2) Installed ISA 2006 with dual NIC's (1 x DMZ (10.255.255.5) and 1 x Interna (10.0.0.5)
DNS resolution to Internal only
3) Imported SSL Certificate into the ISA 2006 and patched.
4) On ISA 2006 Setup the following rules.
a) Local host ---> External (HTTP / HTTPS)
b) Internal / Local host ---> Internal / Local host (All Outbound)
5) Started the Publish Exchange Web client Wizard.
a) Name = OWA Mail Server
b) Version = 2003 (owa only)
c) Type = Single Site
d) Server Security = SSL
e) Internal Site Name = ExchangeFE01 and IP = 10.0.0.2
f) Accept requests for this domain and public name
www.mydomain.co.uk**The same as the SSL Certificate
www.mydomain.co.uk**g) New Web listener = Big Ears
h) Requie SSL
i) External Interface
j)
www.mydomain.co Certificate selected (Green Tick)
k) HTML Form and Windows Active Directory
l) SSO = .mydomain.co.uk
m) Basic Authentication
n) All Users
Edited the Web Listenet and Selected "Require all users to authenticate" and allow HTTP
and redirect HTTP to HTTPS
Tried to connect externally and receive the following error after the ISA 2006 Forms Logon Page.
The Page Cannot be dispalyed
403 Forbidden, Uniform Locator Resource Locator (12202)
I have connected internally using the Internal Name and IP address
http://exchangefe01.mydomain.co.uk and
https://10.0.0.1But any external access fails ..... this is what is displayed in the ISA log.
Log type: Web Proxy (Reverse)
Status: 12202 The ISA Server denied the specified Uniform Resource Locator (URL).
Rule: Default rule
Source: External (80.0.0.1)
Destination: (10.255.255.5:443)
Request: GET
http://80.1.1.1/ Filter information: Req ID: 0e886209; Compression: client=Yes, server=No, compress rate=0% decompress rate=0% ; FBA cookie: exists=yes, valid=yes, updated=yes, logged off=no, client type=public, user activity=yes
Protocol: https
User: mydomain.co.uk\test
Additional information
Any help much appriciated as I begining to lose the will to live ...... either I need to stay away from ISA boxes or this thing has it in for me.
regards
Kim