Avatar of AnthonyThack
AnthonyThack asked on

ISA server in SBS 2003. is blocking a site, how do i allow?

one of our staff uses a site to edit parcel deliverys to Aisa.
its a process that involes (on the site) the upload of documents and pictures via  a control panel.

once the user goes onto the upload section, they upload two or three files everything is fine....
the second / third file gets a "windows login" prompt (i assume its for isa) they put in thier credentials, and then it jst hangs / crashes

i have found in the logs these 2 errors

Failed Connection Attempt GPSERVER 5/21/2008 10:28:14 AM
Log type: Web Proxy (Forward)
Status: 5 Access is denied.  
Rule: SBS Internet Access Rule
Source: Internal ( 192.168.1.7:0)
Destination: External ( 192.168.1.24:8080)
Request: POST http://www.asiainspection.com/qi/autosave.nsf/store?openagent 
Filter information: Req ID: 1744467b  
Protocol: http
User: anonymous
 Additional information
Client agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648)
Object source: Processing time: 1
Cache info: 0x4 MIME type:
 



Denied Connection GPSERVER 5/21/2008 10:28:14 AM
Log type: Web Proxy (Forward)
Status: 12209 The ISA Server requires authorization to fulfill the request. Access to the Web Proxy service is denied.  
Rule: SBS Internet Access Rule
Source: Internal ( 192.168.1.7:0)
Destination: External ( 192.168.1.24:8080)
Request: POST http://www.asiainspection.com/qi/autosave.nsf/store?openagent 
Filter information: Req ID: 1744467a  
Protocol: http
User: anonymous
 Additional information
Client agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648)
Object source: Processing time: 1
Cache info: 0x4 MIME type:
 


Really not that good on isa at all! is there anyway i can just add this stie to exceptions? or disable auth for this site?

whats going on?

any help will be much appreciated. many thanks
Microsoft Forefront ISA ServerSoftware FirewallsSBS

Avatar of undefined
Last Comment
AnthonyThack

8/22/2022 - Mon
Nyah247

There is a couple things you can do...

1.  Create an all allow rule just to that site

HTTP/HTTPS > Internal > Website > ALL USERS

2.  Stop requiring authentication for web access and change to all users

3.  Try adding that site to the bypass domains under networks.  Some poorly coded sites...especially java based can play games with authentication requirements.

Also...  On another note you should try testing out the firewall client if you are not already using it.
ASKER
AnthonyThack

thanks for the reply, can you possibly show me brifly how to do steps 1, 2 and 3?
ASKER CERTIFIED SOLUTION
Nyah247

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
AnthonyThack

thanks!  this has worked - but

am i an idiot, or is the attaced snapshot of ISA ok?

is it a security risk?

many thanks
ISA.JPG
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
ASKER
AnthonyThack

thanks