[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 368
  • Last Modified:

ISA on SBS stops external website access.

I recently installed ISA server on SBS 2003 R2 Prem, once I installed it none of the internal websites would work, RWW, OWA, etc, the client also had another custom website running on port 7999 which I could get to work but only after creating a rule for it, the same rule wouldnt publish the other sites. After 6 hours of stuffing around I was able to get http:\\company.com.au to work, but not https:\\company.com.au and if i clicked on any link from the http site it wouldnt work. I cant recall the error that I was getting and stupidly didnt write it down.

Any pointers? Tips? or anybody experience this previously.

And yes I did run the internet connection wizard.

Also all websites worked fine internally. I tried the same certificate, and also tried creating new certificates.
0
NOSIT
Asked:
NOSIT
  • 5
  • 3
1 Solution
 
Keith AlabasterCommented:
Have you deployed SP2?
If so, have you seen this link?
http://support.microsoft.com/default.aspx/kb/936594

Are you using the isa fireall client?
0
 
NOSITAuthor Commented:
I could connect using RDP, I could connect to non SSL website, but not SSL

I do have SP2 instaled however.
0
 
Keith AlabasterCommented:
You don't publish rules for internal servers - only external.
If you are on R2 SP2 of sbs2003 I would run that patch anyway.

Have you deployed the ISA firewall client to the workstations?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
NOSITAuthor Commented:
ISA firewall client was deployed to 1 test workstation and it could access the internet, and obviously the internal website.

The problem still remains that the website couldnt be accessed through the WAN interface, not sure why thats relevant to the firewall client.??
0
 
Keith AlabasterCommented:
Wanted to make sure that the inside configuration was actually working OK. After you installed ISA and then reran the ceicw to configure the server etc did the normal web sites such as companyweb, owa, oma run OK? The ceicw would have configured the SSL certificate to match the proper settings (ie prior to manually configuring the additional application on port 7999, did the SBS operate as a standard instaall OK?)
0
 
NOSITAuthor Commented:
The normal websites ran ok from inside, but not outside.

The CEICW wizard runs as part of the ISA install, once it was complete i restored my SSL certificates and configured ISA to use the new certificate, I also re ran the CEICW wizard again and let it create a enw certificate that didnt work, and also did a repair install of ISA which ran CEICW again and again let it use a new cert which didnt work.
0
 
abc-solutionsCommented:
You may need have the rule set up to replace the name of the controller (i.e. your SBS box is named sbs-box, and all of the internal stuff goes to http://sbs-box:7999) to have it replaced with https://company.au:7999.  There is a tab in the rule that will do this (regrettably, I don't have my server in front of me at the moment).

Will post back, but I hope this gives you a place to start.

Jeff
jeff@abc-solutions.biz
0
 
NOSITAuthor Commented:
Jeff,

That sounds pretty promising, I am due to go back up there next week and try again so I would greatly appreciate any more info if you get a chance.
0
 
NOSITAuthor Commented:
Ended up resolving this one by doing what you said and had to remove 2 create a few rules also, not sure which fixed it.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now