	[x] Posted via EE Mobile
	Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.

Question

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

7.4

Can ping internet traffic behind ISA 2006 but cannot browse web pages

Asked by atkinsHOU in MS Forefront-ISA, Windows 2003 Server, Networking Hardware Firewalls

Tags: Microsoft ISA 2006

I've viewed a bunch of existing posts on ISA issues, but haven't been able to find a resolution to my problem.

Here's the setup:

I have an isolation environment setup with a CISCO ASA 5500 connecting our LAN/WAN to a web publishing environment via a DMZ setup.

Web sites are published via MS ISA 2006, that is connected to its own gateway.
The web sites publish fine, but the servers hosting the web data also need to be able to both browse the web and access ftp sites.

Separate from the site publishing rule, I have added a rule to allow http, https, ftp, ftps, etc. from all internal to external, but that didn't seem to work.

I then created a rule to allow all outbound traffic from internal to external.

I can now ping, the local DNS is getting out (nslookup works), and even tracert, but when I open a web browser, all connections time out.

All servers in the environment have the ASA as their default gateway, and the ASA is redirecting any 0.0.0.0 traffic to ISA.

Looking at logging on ISA, it looks like it's passing the traffic through as it shows it's initiated the connections, but in the results code, it shows 0x0 ERROR_SUCCESS

Get your answer NOW

         
             Original Client IP	Client Agent	Authenticated Client	Service	Referring Server	Destination Host Name	Transport	HTTP Method	MIME Type	Object Source	Source Proxy	Destination Proxy	Bidirectional	Client Host Name	Network Interface	Raw IP Header	Raw Payload	GMT Log Time	Source Port	Processing Time	Bytes Sent	Bytes Received	Cache Information	Authentication Server	Log Time	Client IP	Destination IP	Destination Port	Protocol	Action	Rule	Result Code	HTTP Status Code	Client Username	Source Network	Destination Network	URL	Server Name	Log Record Type	Filter Information	Error Information
192.168.7.110				-		TCP	-	-									10/2/2009 7:46:24 PM	4632	0	0	0	0x0	-	10/2/2009 2:46:24 PM	192.168.7.110	74.125.95.103	80	HTTP	Initiated Connection	Internet for all	0x0 ERROR_SUCCESS			Internal	External	-	(SERVERNAME)	Firewall	-	0x0

Related Solutions

Keywords: Can ping internet traffic behind ISA 2…

	Title
1	Exchange 2007 OWA issues

Loading Advertisement...

20091111-EE-VQP-89 - Hierarchy / EE_QW_3_20080625

Hall of Fame

1. keith_ala...481,704
2. pwindell170,773
3. Raj-GT110,400
4. Bembi50,100
5. ahmedabd...36,652
6. HayesJupe34,500
7. Kumar_J...26,500
8. hau_it20,050
9. PaciB18,150
10. Hisham_...16,856
11. Amirchou...14,100
12. MrMander...12,750
13. demazter12,148
14. Mestha11,700
15. Byty11,322
16. Sulimanw11,318
17. Bamit9910,140
18. Akhater10,000
19. arnold9,800
20. chuku9,664
21. Rajith_En...8,750
22. Kieran_B...8,500
22. Paranorm...8,500
24. MPECSInc7,860
25. RobWill7,750

1. keith_ala...2,012,941
2. MrMander...199,610
3. pwindell170,773
4. TechSoEasy135,046
5. r-k112,088
6. Raj-GT110,400
7. toniur103,414
8. EricTViking85,505
9. What9078,397
10. Bembi77,268
11. RobWill73,630
12. Nyah24771,369
13. KCTS64,902
14. richrumble58,834
15. Sembee50,060
16. PowerIT47,366
17. war147,222
18. HayesJupe42,575
19. johnb676741,520
20. lrmoore38,211
21. ahmedabd...36,652
22. oBdA36,250
23. tigermatt35,792
24. Kumar_J...34,828
25. arnold34,140

Can ping internet traffic behind ISA 2006 but cannot browse web pages

Asked by atkinsHOU in MS Forefront-ISA, Windows 2003 Server, Networking Hardware Firewalls

Tags: Microsoft ISA 2006

About this solution