Link to home
Start Free TrialLog in
Avatar of paul-adam
paul-adamFlag for United Kingdom of Great Britain and Northern Ireland

asked on

Proxy 502 error accessing external OWA site (client behind ISA server)

Hi,

I have a really strange issue Im working on for a client - that Im starting to bang my head against the wall with!!!!

My clients network uses an ISA 2006 server as a proxy for accessing the internet.

They have a handful of users who need to access a third party email system (exchange 2003 via OWA).

When accessing the OWA site they recieve the following error in their browser

Network Access Message: The page cannot be displayed
Technical Information (for Support personnel)
Error Code: 502 Proxy Error. The specified Secure Sockets Layer (SSL) port is not allowed. ISA Server is not configured to allow SSL requests from this port. Most Web browsers use port 443 for SSL requests. (12204)
IP Address: xx.xx.xx.xx (this is the local IP of the proxy server)
Date: 27/08/2008 09:58:
 
What is strange though is that the site they are connecting to IS running on 443! (we have access to the third parties exchange server to check).

I have also tested some other clients OWA sites and all but one site fails with the same error.

I have scoured through the one that does work against all the ones that dont and I cannot see ANY major differences in configuration that would cause this - At first I wondered if it was maybe something to do with intergrated auth - But I am not so sure.

Any thoughts would be greatly appreciated!

I should mention at this moment that ISA 2006 has not been SP1'd - although Im considering it!

Thanks

Paul Adam
ASKER CERTIFIED SOLUTION
Avatar of Keith Alabaster
Keith Alabaster
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of paul-adam

ASKER

Hi,

Sorry for the late reply here....

Believe it or not - it was 443!

What it turned out to be was Websense!

Which was the last thing I thought of....the give away in the end was looking at the realtime monitor though - So I am happy to give you the points!

The monitor showed the destination address as the local IP of the proxy server itself!! - v strange!

Needless to say my customer is now having a go at websense to see what they say (and for the time being the users in question have unrestricted/unmonitored access (we tried every setting to "lower" the protection to no avail) - so something in a recent websense update must have messed with OWA access.

Still doesnt explain why we could access one other external owa site! (Im guessing an exchange patch missing etc....)

Interesting one though!

Thanks

Paul
Hi - hope you dont mind me grading you as "B" and "partially" as you definately guided me in the right direction without actually giving me the actual answer!

Thanks again
Paul
No problems at all - :)