
ISA 2006 internal OWA

Posted on 2007-04-11
Last Modified: 2009-12-16
Hi,

I need a bit of help with ISA 2006 and OWA. I’ve set up access rules and listeners to facilitate OWA access to my Exchange server via ISA. The rules seem to work fine and any internal client not using proxy can access the OWA forms, but internal clients using proxy can’t. They get Error Code 502 proxy server denied the specified URL (12202) even though the listener is configured to listen on both networks. I’m not using split DNS as my ISP is handling external resolution. My internal DNS points owa.domain.co.uk to the ISA server itself. The clients using proxy trip up on the default rule.

Any ideas as to why internal clients using proxy fail but internal clients not using proxy don’t, and how to sort it out?

Thanks.
Question by:MrPrince
Accepted Solution

by: Keith Alabaster earned 1000 total points
ID: 18889336
You don't mention whether you are running OWA internally on http or https.

1. Generally speaking for this I add the internal site(s) to the Proxy Exceptions (internet tools - options - connections - lan settings - advanced) so that the browser doesn't even access the proxy service when an internal client calls an internal web site. You can also put in the IP range if you need more than the 255-ish characters allowed in the proxy exceptions box, i.e. 10.0.*; 172.30.254.*; 192.* etc. to cover the internal IP addresses instead of using names.

2. Can you confirm that you have a rule within the firewall policy allowing traffic from internal & local host to internal & local host for the required traffic?

Either way you can then amend your publishing rule to just cover the external network only.

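An added example (not part of the original answer, and not Microsoft tooling) that audits a proxy exceptions string like the one suggested in the accepted answer: which hosts skip the proxy, and which wildcard entries reach past private address space. It assumes entries are wildcard-matched against the host exactly as typed in the URL, with no DNS lookup; the function names and the sample list are constructed for illustration.

```python
import fnmatch
import ipaddress

MAX_LEN = 255  # approximate box limit quoted in the answer ("255-ish")
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Constructed sample: the answer's IP patterns plus the question's OWA name.
SAMPLE = "10.0.*; 172.30.254.*; 192.*; owa.domain.co.uk"

def parse_exceptions(raw):
    """Split the semicolon-separated exceptions string into clean entries."""
    return [e.strip().lower() for e in raw.split(";") if e.strip()]

def bypasses_proxy(host, entries):
    """True if the host, exactly as typed in the URL, matches an entry.
    Assumption: plain wildcard comparison, no name resolution."""
    return any(fnmatch.fnmatchcase(host.lower(), e) for e in entries)

def covered_range(entry):
    """Network implied by a pattern such as '172.30.254.*', else None."""
    if not entry.endswith(".*"):
        return None
    octets = entry[:-2].split(".")
    n = len(octets)
    if not 1 <= n <= 3:
        return None
    if not all(o.isdecimal() and int(o) <= 255 for o in octets):
        return None
    addr = ".".join([str(int(o)) for o in octets] + ["0"] * (4 - n))
    return ipaddress.ip_network(f"{addr}/{8 * n}")

def audit(raw):
    """Return (entry, problem) pairs for an exceptions string."""
    findings = []
    if len(raw) > MAX_LEN:
        findings.append(("<whole list>", f"{len(raw)} chars, over ~{MAX_LEN}"))
    for entry in parse_exceptions(raw):
        net = covered_range(entry)
        if net and not any(net.subnet_of(p) for p in PRIVATE):
            findings.append((entry, f"{net} extends beyond RFC 1918 space"))
    return findings

if __name__ == "__main__":
    entries = parse_exceptions(SAMPLE)
    for host in ("owa.domain.co.uk", "10.0.5.9", "mail.domain.co.uk"):
        print(host, "direct" if bypasses_proxy(host, entries) else "via proxy")
    for entry, problem in audit(SAMPLE):
        print("review:", entry, "-", problem)
```

Under this matching model a hostname only goes direct when the name itself is listed, so `mail.domain.co.uk` still uses the proxy even if it resolves into 10.0.*.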

Author Comment

by:MrPrince
ID: 18890050
DOH! I had a rule for internal to internal but not local host to local host as well. I also whacked that rule in at the top and it works now. BTW what protocols would you suggest for normal Internet Access? I've just specified 'All Outbound Protocols' but is this a good idea?

Expert Comment

by:Keith Alabaster
ID: 18892002
lol, glad to have helped, it's easily missed :)

Normal Internet is an interesting question....

Normally I allow http, https, & ftp from all users
dns from internal dns servers
smtp from smtp servers
However, all outbound is no issue whatsoever if this is what your IT Security policy allows.

Regards
Keith Alabaster