Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

ISA 2004 & Exchange 2003 OWA -- redirect from http:// to https:// ?

Posted on 2004-08-02
17
910 Views
Last Modified: 2008-01-09
I have successfully setup an ISA 2004 server that only allows users to connect to an OWA 2003 server via https://myserver.com/exchange.

What I would like to do is setup ISA to redirect users from http://myserver.com to https://myserver.com/exchange. Is this possible?

As is stands today, the users are given an error if they visit http://myserver.com.

This is a user-convenience thing only. I do not want users to be able to access OWA via http, rather I would like http to redirect to https.

I have considered using a simple web page with a META redirect tag, but is this the correct approach and how would this be done? Can an ISA server even run IIS to serve up the simple web page?

Thanks!!!

Best,
Joe
0
Comment
Question by:MooseFruit
  • 9
  • 6
17 Comments
 
LVL 8

Expert Comment

by:Emptyone
ID: 11696922
0
 
LVL 8

Expert Comment

by:Emptyone
ID: 11696988
ISA server can run IIS, but would recommend to keep IIS away from the ISA. It is a security risk
0
 

Author Comment

by:MooseFruit
ID: 11697016
Thanks for the replies, but I need to incorporate ISA and the kb article does not include ISA in the solution.

I am open to alternative ideas, I just want the http -> https redirect to occur.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 8

Expert Comment

by:Emptyone
ID: 11697064
Publish the owa server on port 80 also, that will fix it
0
 

Author Comment

by:MooseFruit
ID: 11697438
Publishing OWA on 80 will still require users to enter an extended URL, albeit http, but it will still be the longer http://myserver.com/exchange as opposed to the simpler http://myserver.com.  Plus this defeats best security practice of allowing connections to OWA via https only.

Thanks for the ideas so far.
0
 
LVL 8

Expert Comment

by:Emptyone
ID: 11697813
If you set up the exchange virtual directory to require ssl. Then you would disable the connection not using ssl. And if you change the redirect script like this:

<%
  If Request.ServerVariables("SERVER_PORT")=80 Then
    Response.Redirect "https://" & Request.ServerVariables("SERVER_NAME") &
"/exchange/"
  End If
%>

then you could type http://myserver.com and be redirected to https://myserver.com/exchange
0
 

Author Comment

by:MooseFruit
ID: 11704252
In your last example we are still defeating best security practices by allowing port 80 to pass the ISA server and the through DMZ where the ISA sits.  Port 80 from the Internet should not be able to reach OWA.

What we need is port 80 (http) to be redirected to port 443 (https) on the external side of the firewall.
0
 

Author Comment

by:MooseFruit
ID: 11706779
I think you are getting close though!  If only that could be done on the ISA.....
0
 
LVL 8

Expert Comment

by:Emptyone
ID: 11708973
I am looking into it. Have got the same set up on my server at home. Will inform you as soon as I find out something
0
 

Author Comment

by:MooseFruit
ID: 11716044
Great, thanks for the ideas so far.
0
 

Author Comment

by:MooseFruit
ID: 11752364
Still looking for assistance if anyone has any ideas.
0
 

Author Comment

by:MooseFruit
ID: 11787115
Any other ideas???
0
 
LVL 8

Expert Comment

by:Emptyone
ID: 11790675
I have looked at it, but I'm not able to find a way to do it. Have also looked at different ISA sites, but they have not got a good answer for it. But one way to do it is to direct port 80 asking for myserver.com to a server in DMZ, and then set up a redirect on that server
0
 

Author Comment

by:MooseFruit
ID: 11810260
Found the solution.  Link translation!  Works beautifully.  Thanks for the effort, though.
0
 

Author Comment

by:MooseFruit
ID: 11810265
0
 

Accepted Solution

by:
CetusMOD earned 0 total points
ID: 15934938
PAQed with points refunded (500)

CetusMOD
Community Support Moderator
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco ASA 5505 NAT question 8 121
TMG Firewall website policy 2 174
Best firewall recommendation 12 191
Using PowerShell for Windows Firewall #2 21 657
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question