ISA Web Publishing

Posted on 2003-03-13
Medium Priority
Last Modified: 2013-11-16
Hello Everyone,

I'm attempting to publish a web page from an internal server through ISA.  According to what I have read, I have everything setup correctly and I can see the web page internally just fine.  Externally I cannot.  Here is my configuration.

The web server I'm wanting to publish is a SecureNAT client.

The ISA server has two public IP addresses.  The IP address that I'm wanting to redirect HTTP requests has been configured with a listener.

Created a destination set with the FQDN that people will be using to connect to the site.

Created a Publishing rule with the above destination set and redircting the request to the IP of my internal web server.  This applies to any request.

As far as I've read everything should be working.  I have seen where people have been unable to view the site internally, but externally it works fine.  Mine seems to be doing this backwards.  Any help would be appreciated.  Thanks.
Question by:Arin
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 8131732

How many sites associated with the external IP? Do you have the appropriate host headers setup for the web site? In IIS console click on the server and you should see the website FDQN listed under Host Header Name.

Do you have the listener assigned to that specific IP? Not all unassigned!

Is IIS on the ISA server itself running and listenning on Port 80 on all unassigned? Then, it is probably competing with ISA for the external port. If IIS is not needed on the ISA server shut the service down. If it is needed bind the web sites to the local interface only and not all unassigned. This applies to the FTP sites on that server too.

Check your application event viewer for binding errors. If there are errors indicated on the ISA server use the netstat -an command from the cmd interface to see if the ports are bound. Bore down on the offending app and see if you can shift its port needs.

Try an experiment: Create a web site on your site server with a non standard port. I like to use the 8000 range for sites for ease of administration and the 9000 range for FTP. Use a dynamic ip service such as no-ip.com to solve your FQDN issue for that site. Use the appropriate header for that site in IIS. Create the appropriate destination set and web publishing rule. The reason I suggest this is that this may solve the port issues. I have a number of sites running now that are working fine in this configuration.

Does your SecureNAT web server connected to a DNS controller that can resolve Internet names?

Make sure your destination sets do not include protocols ie. http://www.domain.com. The set should only read "my.domain.com"

There may be more...I do hope this helps!



Author Comment

ID: 8135971

There is only one website associated with the external IP.  I did not use host headers since I wasn't serving more than one site.

Yes, the listener is assigned to specifically that IP.

There are no binding errors in the event log.

I'll have to try that experiment.

Yes, the SecureNAT web server connects to a DNS that can resolve internet names.

The set is setup correctly without the "http://" at the beginning.

I really appreciate your quick response.  I will try the experiment you suggested above and see if I can get more info.  Thanks again.
LVL 79

Expert Comment

ID: 8636821
No comment has been added lately (81 days), so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area for this question:


Please leave any comments here within 7 days.



EE Cleanup Volunteer
If you feel that your question was not properly addressed, or that none of the comments received were appropriate answers, please post a request in Community support (with a link to this page) to refund your points. http://www.experts-exchange.com/Community_Support/

Accepted Solution

SpideyMod earned 0 total points
ID: 8674499
per recommendation

Community Support Moderator @Experts Exchange

Featured Post

Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses
Course of the Month10 days, 11 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question