CAnt access OWA through ISA Firewall

Ok, I have just started doing business with a client and have just started looking at their SBS2003 premium.  They have exchange and ISA running but not playing so nicely.

It was all working properly about 8 months ago when there server died, the old tech they had restored there server but with problems.  I have since then reset the permissions on the Exchange folders in IIS.  This got OWA working from the inside.  When I try to access the page from the outside I sign in and get this

The page cannot be displayed  
Explanation: There is a problem with the page you are trying to reach and it cannot be displayed.

--------------------------------------------------------------------------------

Try the following:

Refresh page: Search for the page again by clicking the Refresh button. The timeout may have occurred due to Internet congestion.
Check spelling: Check that you typed the Web page address correctly. The address may have been mistyped.
Access from a link: If there is a link to the page you are looking for, try accessing the page from that link.

--------------------------------------------------------------------------------

Technical Information (for support personnel)

Error Code: 403 Forbidden. The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. (12202)  

They are using a wildcard cert, but if I try and use the cert made on the server by the server I still get this

The page cannot be displayed  
Explanation: There is a problem with the page you are trying to reach and it cannot be displayed.

--------------------------------------------------------------------------------

Try the following:

Refresh page: Search for the page again by clicking the Refresh button. The timeout may have occurred due to Internet congestion.
Check spelling: Check that you typed the Web page address correctly. The address may have been mistyped.
Access from a link: If there is a link to the page you are looking for, try accessing the page from that link.

--------------------------------------------------------------------------------

Technical Information (for support personnel)

Error Code: 500 Internal Server Error. The certificate chain was issued by an authority that is not trusted. (-2146893019)

I have remade the Isa OWA rule many times and when I do.

So to recap

I can use it inside with both of the certs, wildcard, and server made.
I can access the page using the wildcard but after signing in it errors.
When using the server made cert I get nowhere.  I have tried setting up the ISA rule again still no go.

I have also ran the SBS connect to the internet wizard but it usually errors on the firewall configuration.

Also this server is a edge server I believe, it has the internet coming in through PCI ADSL modem and then out through ethernet to the rest of the network.  Everything else on the server work fine except OWA and havent even looked at OMA or other web functions.
sanderjcAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

pierre_rouxCommented:
Try running ICW again, this should reconfigure ISA and exchange to work together.
0
sanderjcAuthor Commented:
Tried running it about 5 times but it errors on the 2nd and 3rd option.  WHich i believe is firewall and something(not sure).
0
pierre_rouxCommented:
Can you post the ICW log?  there should be an error code reported.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

sanderjcAuthor Commented:
Sorry for the delay, where do i get them?
0
pierre_rouxCommented:
Sorry been away for a couple of days myself search for icwlog.txt on the server.  Then look for any errors and post here.
0
pierre_rouxCommented:
0
sanderjcAuthor Commented:
I cant find those log files on the server.  Would you happen to know the location of them?
0
pierre_rouxCommented:
C:\Program Files\Microsoft Windows Small Business Server\Support is the default location.
0
sanderjcAuthor Commented:
Here it is from the last time I ran it.

29/01/2008 6:02 PM
Firewall Rule: SBS DHCP Client
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS HTTP 80 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS FTP 20 In CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS FTP 20 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS POP3 110 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS NTP 123 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS DnsLookupPredefinedType
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS IcmpPingQueryPredefinedType
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS IdentdPredefinedType
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS TS 3389 In CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS TS 3389 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS PptpReceivePredefinedType
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS PptpCallPredefinedType
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS FTP 21 In CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS FTP 21 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS SMTP 25 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS SmtpPredefinedType
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS NNTP 119 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS Remote Web Workplace CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS NTP 123 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business RPC over HTTP Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Business Card Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business CompanyWeb Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business TSWEB Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business RUP Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Monitoring Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business OMA Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business OWA Web Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Web Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Server All Users Protocol Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Internet Access Protocol Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Internet Access Protocol Rule 2
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Server Internet Access Site and Content Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Server Internet Access Site and Content Rule 2
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Server All Users Site and Content Rule
Cannot find the firewall rule, ignoring the error
Call to Removing ISA2k related firewall rules () returned ok.
Custom protocol name: SBS FTP 20 In CustomFilter
Cannot find the custom protocol, ignoring the error
Custom protocol name: SBS FTP 20 Out CustomFilter
Cannot find the custom protocol, ignoring the error
Custom protocol name: SBS NTP 123 Out CustomFilter
Cannot find the custom protocol, ignoring the error
Custom protocol name: SBS Remote Web Workplace CustomFilter
Cannot find the custom protocol, ignoring the error
Call to Removing ISA2k related custom protocols () returned ok.
Call to Removing inbound access rule allowing anybody in () returned ok.
Call to Removing inbound access rule allowing anybody out () returned ok.
CStingrayCommit::CommitPortMappings
CStringray::RemoveAllSpecialRules
Call to Resetting the rule enumeration () returned ok.
Call to MoveToNextSpecialRule () returned ok.
Call to Getting the special rule info () returned ok.
Removing the access rule SBS RWW Inbound Access Rule
Call to Removing the access rule () returned ok.
Call to MoveToNextSpecialRule () returned ok.
Call to Getting the special rule info () returned ok.
Removing the access rule SBS RDP Server Access Rule
Call to Removing the access rule () returned ok.
Call to MoveToNextSpecialRule () returned ok.
Call to Getting the special rule info () returned ok.
Removing the access rule SBS PPTP Outbound Access Rule
Call to Removing the access rule () returned ok.
Call to MoveToNextSpecialRule () returned ok.
Call to Getting the special rule info () returned ok.
Removing the access rule SBS NNTP Outbound Access Rule
Call to Removing the access rule () returned ok.
Call to MoveToNextSpecialRule () returned ok.
Call to Getting the special rule info () returned ok.
Removing the access rule SBS Smtp Outbound Access Rule
Call to Removing the access rule () returned ok.
Call to MoveToNextSpecialRule () returned ok.
Call to CStringray::RemoveAllSpecialRules () returned ok.
Call to Removing all special firewall rules () returned ok.
CStingrayCommit::CreateStandardPortMappings
Call to Enabling the DHCP system policy () returned ok.
Call to Enabling the CRL download system policy () returned ok.
Call to Creating the DHCP access rule () returned ok.
Call to Disabling ICMP () returned ok.
Call to CStingrayCommit::CreateStandardPortMappings () returned ok.
Call to Creating the standard filters () returned ok.
CStingrayCommit::CreatePortMappingsFromXML
Call to Resetting the port mapping list () returned ok.
Call to Getting the number of port mappings () returned ok.
Number of port mappings 5
Call to Getting the next port mapping () returned ok.
Call to Reading Port () returned ok.
Call to Reading Protocol () returned ok.
Call to Reading Direction () returned ok.
Call to Validating TCP direction () returned ok.
Call to Reading Enable () returned ok.
Call to Getting the name for the predefined port mapping () returned ok.
Call to Creating tcp port mapping protocol () returned ok.
Call to Creating the outbound SMTP access rule () returned ok.
Call to Creating the outbound POP3 access rule () returned ok.
Call to Creating the outbound NNTP access rule () returned ok.
Call to Handling predefined port mapping () returned ok.
Creating access rule SBS Smtp Server Access Rule TCP 25 returned 0
Call to Getting the next port mapping () returned ok.
Call to Reading Port () returned ok.
Call to Reading Protocol () returned ok.
Call to Reading Direction () returned ok.
Call to Validating TCP direction () returned ok.
Call to Reading Enable () returned ok.
Skipping the port mapping for Port 1723
Call to Creating the outbound PPTP access rule () returned ok.
Call to Handling predefined port mapping () returned ok.
Call to Creating outbound PPTP access rule () returned ok.
Call to Getting the next port mapping () returned ok.
Call to Reading Port () returned ok.
Call to Reading Protocol () returned ok.
Call to Reading Direction () returned ok.
Call to Validating TCP direction () returned ok.
Call to Reading Enable () returned ok.
Call to Getting the name for the predefined port mapping () returned ok.
Call to Creating tcp port mapping protocol () returned ok.
Call to Creating the outbound RDP access rule () returned ok.
Call to Handling predefined port mapping () returned ok.
Creating access rule SBS RDP Server Access Rule TCP 3389 returned 0
Call to Getting the next port mapping () returned ok.
Call to Reading Port () returned ok.
Call to Reading Protocol () returned ok.
Call to Reading Direction () returned ok.
Call to Validating TCP direction () returned ok.
Call to Reading Enable () returned ok.
Call to Getting the name for the predefined port mapping () returned ok.
Call to Creating tcp port mapping protocol () returned ok.
Call to Creating the outbound FTP access rule () returned ok.
Call to Handling predefined port mapping () returned ok.
Creating access rule SBS FTP Server Access Rule TCP 21 returned 0
Call to Getting the next port mapping () returned ok.
Call to Reading Port () returned ok.
Call to Reading Protocol () returned ok.
Call to Reading Direction () returned ok.
Call to Validating TCP direction () returned ok.
Call to Reading Enable () returned ok.
Skipping the port mapping for Port 80
Call to CStingrayCommit::CreatePortMappingsFromXML () returned ok.
Call to Creating predefined port mappings () returned ok.
CStingrayCommit::CreatePortMappingsFromXML
Call to Resetting the port mapping list () returned ok.
Call to Getting the number of port mappings () returned ok.
Number of port mappings 1
Call to Getting the next port mapping () returned ok.
Call to Reading Port () returned ok.
Call to Reading Protocol () returned ok.
Call to Reading Direction () returned ok.
Call to Validating TCP direction () returned ok.
Call to Reading Enable () returned ok.
Call to Getting the name for the predefined port mapping for RWW () returned ok.
Call to Creating tcp port mapping protocol () returned ok.
Creating access rule SBS RWW Inbound Access Rule TCP 4125 returned 0
Call to CStingrayCommit::CreatePortMappingsFromXML () returned ok.
Call to Creating custom port mappings () returned ok.
Call to CStingrayCommit::CommitPortMappings () returned ok.
Call to Creating port mappings () returned ok.
CStingrayCommit::CommitWebPublishingRules
Call to Removing all sbs web publishing rules () returned ok.
RUP is published
Call to Fixing the inheritance for default web site () returned ok.
Call to Unpublishing the default web site () returned ok.
Call to Publishing root () returned ok.
Call to Publishing /Exchange () returned ok.
Call to Publishing /ExchWeb () returned ok.
Call to Publishing /Public () returned ok.
Call to Publishing /ExAdmin () returned ok.
Call to Publishing RUP () returned ok.
Call to Publishing client help for RUP () returned ok.
Call to Publishing OMA () returned ok.
Call to Publishing ActiveSync () returned ok.
CStingrayCommit::CreateWebPublishingRules
Call to Reading publishing server name () returned ok.
Call to Creating A record for publishing () returned ok.
Call to Checking the existence of the SBS listener () returned ok.
CStringrayCommit::GetSBSCertHash
Call to Getting the web listener SSL port () returned ok.
SSL Port: 448
Call to Getting the listener cert hash () returned ok.
Call to CStringrayCommit::GetSBSCertHash () returned ok.
Call to Reading the cert hash out of the listener () returned ok.
Call to Reading the Internet Server Name () returned ok.
Internet Server Name: domain.domain.ca
Error 0x800700b7 returned from call to Recreating the SBS web listener().
Error 0x800700b7 returned from call to CStingrayCommit::CreateWebPublishingRules().
Error 0x800700b7 returned from call to Creating ISA2k4 Web publishing rules().
Error 0x800700b7 returned from call to CStingrayCommit::CommitWebPublishingRules().
Error 0x800700b7 returned from call to Creating Web publishing rules().
Error 0x800700b7 returned from call to CStingrayCommit::CommitEx().
Calling CCertCommit::CommitEx
Calling CCertCommit::ValidatePropertyBag
Require SSL for OWA: 1
Require SSL for Remote Portal: 1
Require SSL for Monitoring: 0
Require SSL for OMA: 0
Require SSL for CompanyWeb: 0
Require 128 Bit Encryption: 1
Cert selection: 1
Web server name: domain.domain.ca
CCertCommit::ValidatePropertyBag returned OK
Opening the cert store returned OK
Reading the computer name returned OK
Reading the fully qualified server name returned OK
Get Publishing server name returned OK
Creating the self signed cert returned OK
Creating the self signed external cert for ISA returned OK
Adding the ISA certificate into the store returned OK
Adding the certificate into the store returned OK
Removing the old certs returned OK
Getting the private NIC guid returned OK
Getting the IP address for the private NIC returned OK
Installing the cert hash to IIS metabase for the default website returned OK
Getting the cert hash returned OK
Getting the cert hash returned OK
Initializing ISA2k4 library returned OK
Configuring ISA2k4 for SSL
Checking for the existence of an SSL listener returned OK
Listener exists
Replacing the listener certs with the new hash returned OK
*** Changing Web listener SSL port returned ERROR c004035b
*** Enabling SSL with ISA returned ERROR c004035b
*** CCertCommit::EnableSSL returned ERROR c004035b
*** CCertCommit::CommitEx returned ERROR c004035b
calling CEmailCommit::Commit (0x3cfcd78).
calling CEmailCommit::ValidatePropertyBag ().
calling pdispPPPBag->QueryInterface (IPropertyPagePropertyBag, 0x6e488).
Call to pdispPPPBag->QueryInterface () returned ok.
calling ReadInt4 (0x2d9a20, DB5E5E45-3598-4F1D-8FF7-0ED35B9EB6A4).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is -1.
calling CValidatePropertyUtil.ValidatePropertyInteger ().
Call to CValidatePropertyUtil.ValidatePropertyInteger () returned ok.
Call to CEMailCommit::ValidatePropertyBag () returned ok.
calling pdispPPPBag->QueryInterface (IPropertyPagePropertyBag, 0x6e4f4).
Call to pdispPPPBag->QueryInterface () returned ok.
calling ReadInt4 (0x2d9a20, DB5E5E45-3598-4F1D-8FF7-0ED35B9EB6A4).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is -1.
calling GetDomainAndControllerNames ().
Call to GetDomainAndControllerNames () returned ok.
calling GetOrganizationName (\\domain.domain.ca, DC=domain,DC=ca).
Call to GetOrganizationName () returned ok.
calling GetFirstAdministrativeGroup (\\domain.domain.ca, DC=domain,DC=ca, domain).
Call to GetFirstAdministrativeGroup () returned ok.
calling GetFirstRoutingGroup (\\domain.domain.ca, DC=domain,DC=ca, domain, First Administrative Group).
Call to GetFirstRoutingGroup () returned ok.
Call to SetCookieAuthentication () returned ok.
Call to Enabling Wireless admin for OMA () returned ok.
Call to Getting NETBIOS domain name () returned ok.
NETBIOS domain name: domain
Call to Enabling NTLM on /public () returned ok.
calling CommitPOP3 (0x2d9a20).
Call to CommitPOP3 () returned ok.
calling _SetRegInt4Value (HKEY_LOCAL_MACHINE, SOFTWARE\Microsoft\SmallBusinessServer\Connectivity\ICW, Last_MailOption_Exchange, -1).
Ignoring return value from call to _SetRegInt4Value().
Call to CEMailCommit::Commit () returned ok.
calling GetBOConnector ().
Call to GetBOConnector () returned ok.
calling spADs->PutEx (ADS_PROPERTY_CLEAR, msExchSmtpOutboundSecurityPassword).
Call to spADs->PutEx () returned ok.
calling spADs->SetInfo ().
Call to spADs->SetInfo () returned ok.
0
pierre_rouxCommented:
The problem seems to be when configuring the firewall rules, try manually deleting the firewall rules in ISA then rerun ICW it should recreate them.

0
sanderjcAuthor Commented:
Should i delete them all? or only specefic ones?

Also if I do that remotely will that disconnect me?
0
pierre_rouxCommented:
Check the log file and see the errors listed as:

Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS TS 3389 Out CustomFilter

Delete all those, I think you will need to do this while you are on site, as deleting the TS port above should stop you from gaining remote access via RDP.
0
sanderjcAuthor Commented:
Sorry for the long time in reply, I tried that and now it didn't error on the third option, but it did on the Firewall one.  Now when I go to the page I get this

Technical Information (for support personnel)

Error Code 11001: Host not found
Background: This error indicates that the gateway or proxy server could not find the IP address of an upstream (Web) server. This is usually due to a DNS-related error.

And the log says this

12/02/2008 8:59 PM
Firewall Rule: SBS DHCP Client
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS HTTP 80 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS FTP 20 In CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS FTP 20 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS POP3 110 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS NTP 123 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS DnsLookupPredefinedType
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS IcmpPingQueryPredefinedType
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS IdentdPredefinedType
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS TS 3389 In CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS TS 3389 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS PptpReceivePredefinedType
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS PptpCallPredefinedType
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS FTP 21 In CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS FTP 21 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS SMTP 25 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS SmtpPredefinedType
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS NNTP 119 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS Remote Web Workplace CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: SBS NTP 123 Out CustomFilter
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business RPC over HTTP Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Business Card Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business CompanyWeb Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business TSWEB Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business RUP Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Monitoring Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business OMA Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business OWA Web Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Web Publishing Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Server All Users Protocol Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Internet Access Protocol Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Internet Access Protocol Rule 2
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Server Internet Access Site and Content Rule
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Server Internet Access Site and Content Rule 2
Cannot find the firewall rule, ignoring the error
Firewall Rule: Small Business Server All Users Site and Content Rule
Cannot find the firewall rule, ignoring the error
Call to Removing ISA2k related firewall rules () returned ok.
Custom protocol name: SBS FTP 20 In CustomFilter
Cannot find the custom protocol, ignoring the error
Custom protocol name: SBS FTP 20 Out CustomFilter
Cannot find the custom protocol, ignoring the error
Custom protocol name: SBS NTP 123 Out CustomFilter
Cannot find the custom protocol, ignoring the error
Custom protocol name: SBS Remote Web Workplace CustomFilter
Cannot find the custom protocol, ignoring the error
Call to Removing ISA2k related custom protocols () returned ok.
Call to Removing inbound access rule allowing anybody in () returned ok.
Call to Removing inbound access rule allowing anybody out () returned ok.
CStingrayCommit::CommitPortMappings
CStringray::RemoveAllSpecialRules
Call to Resetting the rule enumeration () returned ok.
Call to MoveToNextSpecialRule () returned ok.
Call to Getting the special rule info () returned ok.
Removing the access rule SBS RWW Inbound Access Rule
Call to Removing the access rule () returned ok.
Call to MoveToNextSpecialRule () returned ok.
Call to CStringray::RemoveAllSpecialRules () returned ok.
Call to Removing all special firewall rules () returned ok.
CStingrayCommit::CreateStandardPortMappings
Call to Enabling the DHCP system policy () returned ok.
Call to Enabling the CRL download system policy () returned ok.
Call to Creating the DHCP access rule () returned ok.
Call to Disabling ICMP () returned ok.
Call to CStingrayCommit::CreateStandardPortMappings () returned ok.
Call to Creating the standard filters () returned ok.
CStingrayCommit::CreatePortMappingsFromXML
Call to Resetting the port mapping list () returned ok.
Call to Getting the number of port mappings () returned ok.
Number of port mappings 5
Call to Getting the next port mapping () returned ok.
Call to Reading Port () returned ok.
Call to Reading Protocol () returned ok.
Call to Reading Direction () returned ok.
Call to Validating TCP direction () returned ok.
Call to Reading Enable () returned ok.
Call to Getting the name for the predefined port mapping () returned ok.
Call to Creating tcp port mapping protocol () returned ok.
Call to Creating the outbound SMTP access rule () returned ok.
Call to Creating the outbound POP3 access rule () returned ok.
Call to Creating the outbound NNTP access rule () returned ok.
Call to Handling predefined port mapping () returned ok.
Creating access rule SBS Smtp Server Access Rule TCP 25 returned 0
Call to Getting the next port mapping () returned ok.
Call to Reading Port () returned ok.
Call to Reading Protocol () returned ok.
Call to Reading Direction () returned ok.
Call to Validating TCP direction () returned ok.
Call to Reading Enable () returned ok.
Skipping the port mapping for Port 1723
Call to Creating the outbound PPTP access rule () returned ok.
Call to Handling predefined port mapping () returned ok.
Call to Creating outbound PPTP access rule () returned ok.
Call to Getting the next port mapping () returned ok.
Call to Reading Port () returned ok.
Call to Reading Protocol () returned ok.
Call to Reading Direction () returned ok.
Call to Validating TCP direction () returned ok.
Call to Reading Enable () returned ok.
Call to Getting the name for the predefined port mapping () returned ok.
Call to Creating tcp port mapping protocol () returned ok.
Call to Creating the outbound RDP access rule () returned ok.
Call to Handling predefined port mapping () returned ok.
Creating access rule SBS RDP Server Access Rule TCP 3389 returned 0
Call to Getting the next port mapping () returned ok.
Call to Reading Port () returned ok.
Call to Reading Protocol () returned ok.
Call to Reading Direction () returned ok.
Call to Validating TCP direction () returned ok.
Call to Reading Enable () returned ok.
Call to Getting the name for the predefined port mapping () returned ok.
Call to Creating tcp port mapping protocol () returned ok.
Call to Creating the outbound FTP access rule () returned ok.
Call to Handling predefined port mapping () returned ok.
Creating access rule SBS FTP Server Access Rule TCP 21 returned 0
Call to Getting the next port mapping () returned ok.
Call to Reading Port () returned ok.
Call to Reading Protocol () returned ok.
Call to Reading Direction () returned ok.
Call to Validating TCP direction () returned ok.
Call to Reading Enable () returned ok.
Skipping the port mapping for Port 80
Call to CStingrayCommit::CreatePortMappingsFromXML () returned ok.
Call to Creating predefined port mappings () returned ok.
CStingrayCommit::CreatePortMappingsFromXML
Call to Resetting the port mapping list () returned ok.
Call to Getting the number of port mappings () returned ok.
Number of port mappings 1
Call to Getting the next port mapping () returned ok.
Call to Reading Port () returned ok.
Call to Reading Protocol () returned ok.
Call to Reading Direction () returned ok.
Call to Validating TCP direction () returned ok.
Call to Reading Enable () returned ok.
Call to Getting the name for the predefined port mapping for RWW () returned ok.
Call to Creating tcp port mapping protocol () returned ok.
Creating access rule SBS RWW Inbound Access Rule TCP 4125 returned 0
Call to CStingrayCommit::CreatePortMappingsFromXML () returned ok.
Call to Creating custom port mappings () returned ok.
Call to CStingrayCommit::CommitPortMappings () returned ok.
Call to Creating port mappings () returned ok.
CStingrayCommit::CommitWebPublishingRules
Call to Removing all sbs web publishing rules () returned ok.
RUP is published
Call to Fixing the inheritance for default web site () returned ok.
Call to Unpublishing the default web site () returned ok.
Call to Publishing /Exchange () returned ok.
Call to Publishing /ExchWeb () returned ok.
Call to Publishing /Public () returned ok.
Call to Publishing /ExAdmin () returned ok.
Call to Publishing RUP () returned ok.
Call to Publishing client help for RUP () returned ok.
Call to Publishing OMA () returned ok.
Call to Publishing ActiveSync () returned ok.
CStingrayCommit::CreateWebPublishingRules
Call to Reading publishing server name () returned ok.
Call to Creating A record for publishing () returned ok.
Call to Checking the existence of the SBS listener () returned ok.
CStringrayCommit::GetSBSCertHash
Call to Getting the web listener SSL port () returned ok.
SSL Port: 448
Call to Getting the listener cert hash () returned ok.
Call to CStringrayCommit::GetSBSCertHash () returned ok.
Call to Reading the cert hash out of the listener () returned ok.
Call to Reading the Internet Server Name () returned ok.
Internet Server Name: *.domain.ca
Error 0x800700b7 returned from call to Recreating the SBS web listener().
Error 0x800700b7 returned from call to CStingrayCommit::CreateWebPublishingRules().
Error 0x800700b7 returned from call to Creating ISA2k4 Web publishing rules().
Error 0x800700b7 returned from call to CStingrayCommit::CommitWebPublishingRules().
Error 0x800700b7 returned from call to Creating Web publishing rules().
Error 0x800700b7 returned from call to CStingrayCommit::CommitEx().
Calling CCertCommit::CommitEx
Calling CCertCommit::ValidatePropertyBag
Require SSL for OWA: 1
Require SSL for Remote Portal: 1
Require SSL for Monitoring: 0
Require SSL for OMA: 0
Require SSL for CompanyWeb: 0
Require 128 Bit Encryption: 1
Cert selection: -1
CCertCommit::ValidatePropertyBag returned OK
Opening the cert store returned OK
Reading the computer name returned OK
Reading the fully qualified server name returned OK
Reading web publishing selection returned OK
Reading Sharepoint publishing value returned OK
Sharepoint publishing: 0
Initializing ISA2k4 Library returned OK
*** Removing sharepoint publishing rule returned ERROR 80070002
Rule not found, ignorning error and continuing.
Removing Sbs CompanyWeb Listener returned OK
Saving changes and restarting services returned OK
Publishing CompanyWeb through ISA2k4 returned OK
CCertCommit::EnableSSL returned OK
CCertCommit::RequireSSL returned OK
CCertCommit::NotifyRemoteUserPortal returned OK
Reading the Internet Server Name returned OK
Updating provisioning info returned OK
Sending RUP intro mail returned OK
CCertCommit::SaveUserSelections returned OK
CCertCommit::CommitEx returned OK
calling CEmailCommit::Commit (0x3c9e440).
calling CEmailCommit::ValidatePropertyBag ().
calling pdispPPPBag->QueryInterface (IPropertyPagePropertyBag, 0x6e488).
Call to pdispPPPBag->QueryInterface () returned ok.
calling ReadInt4 (0x2dc830, DB5E5E45-3598-4F1D-8FF7-0ED35B9EB6A4).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is -1.
calling CValidatePropertyUtil.ValidatePropertyInteger ().
Call to CValidatePropertyUtil.ValidatePropertyInteger () returned ok.
Call to CEMailCommit::ValidatePropertyBag () returned ok.
calling pdispPPPBag->QueryInterface (IPropertyPagePropertyBag, 0x6e4f4).
Call to pdispPPPBag->QueryInterface () returned ok.
calling ReadInt4 (0x2dc830, DB5E5E45-3598-4F1D-8FF7-0ED35B9EB6A4).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is -1.
calling GetDomainAndControllerNames ().
Call to GetDomainAndControllerNames () returned ok.
calling GetOrganizationName (\\domainserver.domain.ca, DC=domain,DC=ca).
Call to GetOrganizationName () returned ok.
calling GetFirstAdministrativeGroup (\\domainserver.domain.ca, DC=domain,DC=ca, Domain).
Call to GetFirstAdministrativeGroup () returned ok.
calling GetFirstRoutingGroup (\\domainserver.domain.ca, DC=domain,DC=ca, Domain, First Administrative Group).
Call to GetFirstRoutingGroup () returned ok.
Call to SetCookieAuthentication () returned ok.
Call to Enabling Wireless admin for OMA () returned ok.
Call to Getting NETBIOS domain name () returned ok.
NETBIOS domain name: DOMAIN
Call to Enabling NTLM on /public () returned ok.
calling CommitPOP3 (0x2dc830).
Call to CommitPOP3 () returned ok.
calling _SetRegInt4Value (HKEY_LOCAL_MACHINE, SOFTWARE\Microsoft\SmallBusinessServer\Connectivity\ICW, Last_MailOption_Exchange, -1).
Ignoring return value from call to _SetRegInt4Value().
Call to CEMailCommit::Commit () returned ok.
calling GetBOConnector ().
Call to GetBOConnector () returned ok.
calling spADs->PutEx (ADS_PROPERTY_CLEAR, msExchSmtpOutboundSecurityPassword).
Call to spADs->PutEx () returned ok.
calling spADs->SetInfo ().
Call to spADs->SetInfo () returned ok.
0
sanderjcAuthor Commented:
If I disable the firewall, and use another firewall, will that work or will ISA still somehow put its fingers into Exchange?
0
pierre_rouxCommented:
In my experience ISA is not the easiest to configure.  Covering new teritory here myself, but I would uninstall ISA, rerun ICW confirm that everything works, then re-install ISA server.  Below is a link to an article on how to install ISA 2004 on SBS.

http://download.microsoft.com/download/4/0/8/40860507-c351-4308-a876-e1b83ee4e77a/isainstallsteps.htm

Lets see how that goes.  I think you will need to do this on site.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
pierre_rouxCommented:
Also run Netdiag from the command prompt, which is included with support tools.  Confirm that the DNS tests pass, you can also run dcdiag for good measure.  If some the tests fail try netdiag /fix.  Noticed in the top of your last post there might be a problem with DNS.
0
XChangingITCommented:
did simply reinstalling ISA work for this issue?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Forefront ISA Server

From novice to tech pro — start learning today.