Publishing multiple OWA sites thru ISA 2004

Posted on 2006-05-15
Last Modified: 2010-04-08
Ok- I have OWA working fine for a long time using FBA.  It is published via ISA 2004 and works internally as well as externally.  This was set up using the recommended method (web publishing rule with a listener configured to use FBA).  The listener is configured to use a wildcard cert that is installed on the ISA as well as the Exchange 2003 server.  No problem.

I recently installed a new Exchange 2003 server and now have two.  I installed the same wildcard cert on it and FBA is enabled.  I can access OWA using FBA on the new box just fine internally.  I copied the old OWA publishing rule and changed the public name and the internal server appropriately.  (the public name resolves to same IP address of OWA-FBA listener).  It is setup identical to the original.  From an external browser- When I type and supply a new user I am redirected to just like expected.

What I get is at this point is:
Error Code 10061: Connection refused
Background: When the gateway or proxy server contacted the upstream (Web) server, the connection was refused. This usually results from trying to connect to a service that is inactive on the upstream server.

It is very likely that I missed something obvious but I am stumped...
Question by:jcneil4
    LVL 51

    Accepted Solution

    open the ISA GUI
    click on monitoring - logging
    Click on start query.
    Try to connect to the each forms based authenticating Exchange server in turn. What do you see in the log?
    LVL 51

    Expert Comment

    by:Keith Alabaster
    Any further info you need?
    LVL 1

    Author Comment

    Sorry for the delay- I was sidetracked.  I followed your lead and that led me to the answer!  While reviewing the monitoring data I noticed that ISA was trying to connect to the firewall external address instead of the internal Exchange server address.  I added the local address of the exchange server in the ISA hosts file and bingo.

    LVL 51

    Expert Comment

    by:Keith Alabaster
    Your welcome, and thanks :)

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Suggested Solutions

    Title # Comments Views Activity
    firewall management operations 1 78
    perimeter firewall HA impact on outages 2 39
    PCI Compliance and Open SQL ports 8 67
    Firewall attack 16 109
    If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
    Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now