Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

ISA 2006 internal OWA

Posted on 2007-04-11
3
Medium Priority
?
713 Views
Last Modified: 2009-12-16
Hi,

I need a bit of help with ISA 2006 and OWA. I’ve setup access rules and listeners to facilitate OWA access to my Exchange server via ISA. The rules seem to work fine and any internal client – not using proxy can access the OWA forms, but internal clients – using proxy can’t. They get Error Code 502 proxy server denied the specified URL (12202) even though the listener is configured to listen on both networks. I’m not using split DNS as my ISP is handling external resolution. My internal DNS points owa.domain.co.uk to the ISA server itself.  The clients using proxy trip up on the default rule.

Any ideas as to why internal client using proxy fail but internal clients not using proxy don’t and how to sort it out?

Thanks.
0
Comment
Question by:MrPrince
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 1000 total points
ID: 18889336
You don't mention whether you are running OWA internally on http or https.

1. Generally speaking for this I add the internal site(s) to the Proxy Exceptions (internet tools - options - connections - lan settings - advanced) so that the browser doesn't even access the proxy service when an internal client calls an internal web site. You can also put in the ip range if you need more than the 255-ish characters allowed in the proxy exceptions box. ie 10.0.*; 172.30.254.*; 192.* etc to cover the internal ip addresses instead of using names.

2. Can you confirm that you have a rule within the firewall policy allowing traffic from internal & local host to internal & local host for the required traffic?

Either way you can then amend your publishing rule to just cover the external network only.

0
 

Author Comment

by:MrPrince
ID: 18890050
DOH! I had a rule for internal to internal but not local host to local host as well. I also whacked that rule in at the top and it works now. BTW what protocols would you suggest for nornal Internet Access? I've just specifed 'All Outbound Protocols' but is this a good idea?
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 18892002
lol, glad to have helped, its easily missed :)

Normal Internet is an interesting question....

Normally I allow http, https, & ftp from all users
dns from internal dns servers
smtp from smtp servers
However, all outbound is no issue whatsoever if this is what your IT Security policy allows.

Regards
Keith Alabaster
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are three types of ISA client that can be configured - these can be individual clients or multiples of a client on each PC or server SecureNAT. A SecureNAT client for ISA server is a client machine, work station or server, that has its defa…
Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question