Website not visible externally, but ok internally ISA 2004


Hope someone can help.

Here's the setup first.
We have a web server with multiple websites. An ISA server with multiple IP addresses.
I created a rule in the ISA server to listen on an external IP (the IP is only for use with the website) and forward to the web server which shows the website.
The website is set up on port 2080 and the ISA rule translates port 80 to 2080.

So i guess first question is, does this sound like the right set up? We're going to be hosting about 3 websites which will all need SSL and from what i've read that means they need their own IP addresses. Also from what i've read, the IP address that the websites use will be lost once ISA passes the request to the webserver so they have to be set up on the webserver to use the internal IP address on different ports with ISA rules to forward everything correctly.

The problem then assuming the set up is correct is i can access the website on the internal network but not  externally. DNS was changed about 2 days ago but it's not pinging externally(it's ok internally).
As a test i put it through the google translator as i guess that will act as exteral access and got ..

# Error Code 1460: Timeout
# Background: The gateway could not receive a timely response from the website you are trying to access, a DNS server, or another gateway server. This might indicate that the network is congested or that the website is experiencing technical difficulties.

Is it the case that ISA is either not configured correctly or blocking it for some reason?

Any help would be appreciated. Thanks for reading.

Who is Participating?
Keith AlabasterConnect With a Mentor Enterprise ArchitectCommented:
Although it is annoying but one way to test ould be (out of hours) to disconnect ISA from the internet. Use a crossover cable from the ISA external nic to a standalone workstation. Put a static ip on the pc and set the default gatewa to the ISA external nic. try to get to the web site (using the ip, not the url). If the traffic appears in the ISA log then it would suggest there is something outside casuing the block.
Keith AlabasterEnterprise ArchitectCommented:
The setup sounds fine.

You have published the web server and selected the specific external IP that it is listening on.
You have amended the forwarding section in the rule to redirect to the IIS listening port.
You have checked that the internal IIS box is listing on the same port number that you have set in the ISA listener.

Are other web sites published through your ISA working on on the same web server?
Is the external dns translation for this url pointing to the correct IP?
If you open the ISA gui, select monitoring - logging - click start query, what do you see in the isa log when an access attempt is made?
m4cc4Author Commented:
There are other sites published on the server but they all use the same IP which has never changed. I've had a look at monitoring as you've suggested and when i look at the site internally i get results, but externally shows nothing.
The site is pointed at the correct IP address.
I'm guessing there could be a firewall or router somewhere that i don't know about.
I'm going to have a look around.

m4cc4Author Commented:
Turns out the IP address that we were using wasn't in use(even though it was on our paperwork). So i guess ISA didn't care about it not working externally.
Thanks for your suggestions on how to track the problem downl.
Keith AlabasterEnterprise ArchitectCommented:
Thanks :)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.