ISA 2006, OWA (fba) & Motorola Q smart phone:  page cannot be displayed

Posted on 2007-09-28
Last Modified: 2008-11-17
Greetings, experts.  I'm an IT Director who is testing out the use of a Motorola Q smart phone.  I'm running in to a pesky problem with ISA 2006 that I sure could use some help with.

History first:  Exchange 2000.  OWA works fine (internally & externally to my network).  On ISA 2006 a rule is set up to use HTML forms based authentication (FBA).

Problem:  When I attempt to hit my OWA server, the ISA FBA username & password fields appear.  I type in my users (with & without the domain) and password.  A "the page cannot be displayed" screen appears with "Error Code: 403 forbidden.  The server denied the specified Uniform Resource Locator (URL).  Contact the server administrator (12202)"

When I look at the ISA logs, I see a "denied connection" entry.  Protocol = HTTPS, Rule = Default Rule, Client IP = external IP, Client Username = my username, Source Network = External, Destination Network = blank, HTTP Method = GET, URL =  (Notice that the URL is not HTTPS.)

I have checked and confirmed that the OWA rule exists, but the request from my Motorola Q smart phone doesn't seem to hit this Rule.

I'm rather despirate as I've got a short amount of time to try the phone.  Can anyone help me dig myself out of this hole?  While I'm no ISA guru, this doesn't make sense.

Cheers & thank you for taking the time to read this question.  

Question by:todjklki
    LVL 51

    Accepted Solution

    I was about to jump straight in there with it sounds like the Phone is accessing as a direct http call rather than a secure connection. The fact it is hitting the default rule means that although there are rules in place, the traffic being received does not match any of them else it would have been blocked by one of the previous rules. The patch due to be released for ISA2006 has not been released to the public yet so you need to get the latest version of Wireshark and install it on the ISA Server. Set it to listen to the external interface. This will allow you to see exactly what traffic is arriving from the phone and you can make a rule to match.
    LVL 51

    Expert Comment

    by:Keith Alabaster
    Thanks :)

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    So the following errors occurs in 2 ways that I am aware of at this stage, and you receive one of the following error messages: ERROR 1. When trying to save a rule: No Web listener is specified for the Web publishing rule Autodiscovery Publishin…
    A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    732 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now