m4cc4
asked on
Website not visible externally, but ok internally ISA 2004
Hi,
Hope someone can help.
Here's the setup first.
We have a web server with multiple websites. An ISA server with multiple IP addresses.
I created a rule in the ISA server to listen on an external IP (the IP is only for use with the website) and forward to the web server which shows the website.
The website is set up on port 2080 and the ISA rule translates port 80 to 2080.
So i guess first question is, does this sound like the right set up? We're going to be hosting about 3 websites which will all need SSL and from what i've read that means they need their own IP addresses. Also from what i've read, the IP address that the websites use will be lost once ISA passes the request to the webserver so they have to be set up on the webserver to use the internal IP address on different ports with ISA rules to forward everything correctly.
The problem then assuming the set up is correct is i can access the website on the internal network but not externally. DNS was changed about 2 days ago but it's not pinging externally(it's ok internally).
As a test i put it through the google translator as i guess that will act as exteral access and got ..
# Error Code 1460: Timeout
# Background: The gateway could not receive a timely response from the website you are trying to access, a DNS server, or another gateway server. This might indicate that the network is congested or that the website is experiencing technical difficulties.
Is it the case that ISA is either not configured correctly or blocking it for some reason?
Any help would be appreciated. Thanks for reading.
Andrew
Hope someone can help.
Here's the setup first.
We have a web server with multiple websites. An ISA server with multiple IP addresses.
I created a rule in the ISA server to listen on an external IP (the IP is only for use with the website) and forward to the web server which shows the website.
The website is set up on port 2080 and the ISA rule translates port 80 to 2080.
So i guess first question is, does this sound like the right set up? We're going to be hosting about 3 websites which will all need SSL and from what i've read that means they need their own IP addresses. Also from what i've read, the IP address that the websites use will be lost once ISA passes the request to the webserver so they have to be set up on the webserver to use the internal IP address on different ports with ISA rules to forward everything correctly.
The problem then assuming the set up is correct is i can access the website on the internal network but not externally. DNS was changed about 2 days ago but it's not pinging externally(it's ok internally).
As a test i put it through the google translator as i guess that will act as exteral access and got ..
# Error Code 1460: Timeout
# Background: The gateway could not receive a timely response from the website you are trying to access, a DNS server, or another gateway server. This might indicate that the network is congested or that the website is experiencing technical difficulties.
Is it the case that ISA is either not configured correctly or blocking it for some reason?
Any help would be appreciated. Thanks for reading.
Andrew
ASKER
Hi,
There are other sites published on the server but they all use the same IP which has never changed. I've had a look at monitoring as you've suggested and when i look at the site internally i get results, but externally shows nothing.
The site is pointed at the correct IP address.
I'm guessing there could be a firewall or router somewhere that i don't know about.
I'm going to have a look around.
Thanks
There are other sites published on the server but they all use the same IP which has never changed. I've had a look at monitoring as you've suggested and when i look at the site internally i get results, but externally shows nothing.
The site is pointed at the correct IP address.
I'm guessing there could be a firewall or router somewhere that i don't know about.
I'm going to have a look around.
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Turns out the IP address that we were using wasn't in use(even though it was on our paperwork). So i guess ISA didn't care about it not working externally.
Thanks for your suggestions on how to track the problem downl.
Thanks for your suggestions on how to track the problem downl.
Thanks :)
You have published the web server and selected the specific external IP that it is listening on.
You have amended the forwarding section in the rule to redirect to the IIS listening port.
You have checked that the internal IIS box is listing on the same port number that you have set in the ISA listener.
Are other web sites published through your ISA working on on the same web server?
Is the external dns translation for this url pointing to the correct IP?
If you open the ISA gui, select monitoring - logging - click start query, what do you see in the isa log when an access attempt is made?