Access website through ISA 2004

Hi I have a weird issue with one web site and ISA 2004.

Web browsing works without faults until someone tries to access http://www.norfolkline.com/ or any of its registered domains.  Instantly we receive a standard 403 error below:

          Error Code: 403 Forbidden. The server denied the specified
          Uniform Resource Locator (URL). Contact the server administrator. (12202)

I have monitored ISA and can see the requests for the website and they do not get blocked.  The Packets I see are:

   Initiated Connection
   Log type: Firewall service
   Status: The operation completed successfully.
   Rule:
   Source: Local Host ( 81.168.9.86:41372)
   Destination: External ( 195.35.110.244:80)

   Allowed Connection
   Log type: Web Proxy (Forward)
   Status: 403 Forbidden
   Rule: Allow all HTTP traffic from ISA Server to all networks (for CRL downloads)
   Source: Local Host ( 10.0.0.3:0)
   Destination: External ( 195.35.110.244:80)
   Request: GET http://www.norfolkline.com/ferry/
   Filter information: Req ID: 1da11fff

   Closed Connection
   Log type: Firewall service
   Status: A connection was gracefully closed in an orderly shutdown process with a
                three-way FIN-initiated handshake.
   Rule:
   Source: Local Host ( 81.168.9.86:41372)
   Destination: External ( 195.35.110.244:80)

I can see that ISA shows 403 Forbidden on the allowed connection but i am not sure why. It isnt an issue with the web site as it works from other sites and ISPs.

Does anyone have any ideas why ISA would be doing this?

Thanks in advance

Dan
SupportteamAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Hendrik WieseInformation Security ManagerCommented:
Hi,

Have a look at your rule called: "Allow all HTTP traffic from ISA Server to all networks (for CRL downloads)", as looks like it gets the 403 Forbidden from this rule, you could try to delete this rule and set it up from scratch.
0
JakkalsKrugerCommented:
Hi,

Look here: http://forums.isaserver.org/m_2001999787/mpage_1/key_/tm.htm#2001999787

Seems you'll need to consider making the internal computers Web Proxy Clients instead of relying on NAT.
0
SupportteamAuthor Commented:
Hi All,
Cheers for the quick responses, I am unable to do anything with the "Allow all HTTP traffic from ISA Server to all networks (for CRL downloads)" policy as its a system policy.  Though I have disabled it to see what happens at which time final policy "SBS Internet Access Rule" (yes its an SBS 2003 Server) stopped the packet with the same 403 error.
As for the webproxy comment all of the clients are using the latest ISA Firewall Client and the web site is external of our network and its not using any ssl on the home page.
Any other ideas guys?
0
SupportteamAuthor Commented:
Hi All,
After more investigation we have found that the company hosting www.norfolkline.com use an ISA server and its actually their ISA server that is blocking our access not ours.
Thanks for the help.
Dan
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.