Problem with RPC over HTTP through ISA2004

Hi there,

Here is a brief overview of the setup. The ISA2004 (on w2k3 standard). The server is on the DMZ with a single NIC using a public address (no NAT).

The server publishing OWA, OMA and RPC over HTTPS is on the trusted side of the firewall.

I have setup a mail server rule using bridged SSL. This works perfectly for OWA and OMA. I have tried to test the RPC over HTTP with an Outlook client and it doesn't work. I found some notes on how to test this by using IE to browse to the following;

1) https://url/rpc/. This returns an error HTTP Error 401.3 - Unauthorized: Access is denied due to an ACL set on the requested resource. Which is meant to be normal and proves the Virtual directory is configured correctly.

2) https://url/rpc/rpcproxy.dll. This is meant to load a blank secured page. It does when attempted internally. But when tried from outside, via the ISA, you get Error Code 64: Host not available.

Is see the following in the firewall logs (sorry for the mess in formatting.. hopefully you will be able to read if pasted into notepad);
Log Time      Destination IP      Destination Port      Protocol      Action      Rule      Client IP      Client Username      Source Network      Destination Network      HTTP Method      URL      Original Client IP      Client Agent      Authenticated Client      Service      Server Name      Referring Server      Destination Host Name      Transport      MIME Type      Object Source      Source Proxy      Destination Proxy      Bidirectional      Client Host Name      Filter Information      Network Interface      Raw IP Header      Raw Payload      Source Port      Processing Time      Bytes Sent      Bytes Received      Result Code      HTTP Status Code      Cache Information      Error Information      Log Record Type
5/22/2006 10:41:30 AM      10.66.233.51      443      https      Failed Connection Attempt      OWA      193.131.240.250      anonymous      External            GET      http://email.stratford.tycofs.com:443/rpc/rpcproxy.dll      0.0.0.0      Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)      No      Reverse Proxy      UKST1EX0001            email.stratford.tycofs.com      TCP            Internet      -      -            -            -      -      -      0      46      2302      661            64       0x8      0x180      Web Proxy Filter
5/22/2006 10:41:30 AM      10.66.233.51      443      https      Allowed Connection      OWA      193.131.240.250      anonymous      External            GET      http://email.stratford.tycofs.com:443/rpc/rpcproxy.dll      0.0.0.0      Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)      No      Reverse Proxy      UKST1EX0001            email.stratford.tycofs.com      TCP      text/html      Internet      -      -            -            -      -      -      0      1      2048      481            401       0x44000008      0x580      Web Proxy Filter

Any ideas as to what may cause this?

Thanks
RussellkAsked:
Who is Participating?
 
Keith AlabasterEnterprise ArchitectCommented:
0
 
Keith AlabasterEnterprise ArchitectCommented:
http://download.microsoft.com/download/1/c/a/1ca3323f-c988-45be-87ad-1b40a70780ab/HOL-Exchange-LAB2.doc

Have a look at this first then come back to me if you still have an issue

Regards
keith
ISA MCT
0
 
Keith AlabasterEnterprise ArchitectCommented:
PS. I cannot resolve the address email.stratford.tycofs.com from the internet at all. I am also surprised you are calling the url with http rather than https.
0
 
Keith AlabasterEnterprise ArchitectCommented:
Sorry, thats not quite accurate but it does not resolve to the addresses in your log.
0
 
RussellkAuthor Commented:
Looks like the issue was with Service Pack 2 (for ISA). Rolled back and it started to work perfectly.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.