Solved

Internal Website displays "Network Access Message: The page cannot be displayed"  on Forefront TMG

Posted on 2010-08-29
12
4,817 Views
Last Modified: 2012-05-10
Hi,

I'm having problems trying to access an internal website from behind a Forefront TMG server. When I try and access this server i'm greeted with "Network Access Message: The page cannot be displayed"

Technical Information (for support personnel)
Error Code: 403 Forbidden. Forefront TMG denied the specified Uniform Resource Locator (URL). (12202)
IP Address: 10.0.0.12
Date: 29/08/2010 14:52:12 [GMT]
Server: SRV-004.mjncomputers.co.uk
Source: proxy

 
0
Comment
Question by:TechLad
  • 6
  • 3
  • 2
  • +1
12 Comments
 
LVL 11

Expert Comment

by:mattibutt
ID: 33553365
have you looked at the IIS configuration like everything is congiured FQDN etc ? have you tried to open as https instead of http
0
 
LVL 5

Expert Comment

by:adaroc
ID: 33553436
0
 

Author Comment

by:TechLad
ID: 33553508
mattibutt:

I've tryed a number of things still no luck. I can access the web server from the TMG computers thats hosting it my typing http://srv-004, however unable to do that on any of the client machines.

unable to access the server my typing srv-004.domain-name.com either
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 11

Assisted Solution

by:mattibutt
mattibutt earned 333 total points
ID: 33553514
i am assuming firewall is not an issue you have your firewall correctly configured?
0
 
LVL 11

Expert Comment

by:mattibutt
ID: 33553518
i think in server 2008 it sets two names one for inernal use and one for external what did you put on external have put it on different ports to see the effect maybe the port is already used by something else
0
 
LVL 11

Expert Comment

by:mattibutt
ID: 33553525
is your dns setting correct try to run nslookup from client machine to check your server dns settings
0
 
LVL 11

Expert Comment

by:mattibutt
ID: 33553569
http://www.computing.net/answers/networking/cant-access-external-website/40133.html
can you have a look at this its basically saying the internal and external address should be different is that correct in your case?
0
 
LVL 77

Accepted Solution

by:
arnold earned 167 total points
ID: 33553612
You might want to exempt the internal traffic from going through the Forefront TMG or configure TMG to allow the traffic originating from the LAN to return through the forefront TMG to the LAN server.
Presumably it is used as a proxy.  Exempt LAN local traffic from going through the proxy and permit direct connection.
0
 

Author Comment

by:TechLad
ID: 33553682
mattibutt:

I did nslookup on a client machine and this is the resualts

C:\Docuements and Settings\admin>nslookup
***carn't find server name for address 10.0.0.10: None-existent domain
***Defualt server's are not available
Defualt Server: unknown
Address: 10.0.0.10

arnold:

How would I be able to try exempting local traffic from passing though the proxy server ? not 100% sure on doing that.
0
 
LVL 11

Assisted Solution

by:mattibutt
mattibutt earned 333 total points
ID: 33553684
seems to me your dns server is not correctly configured try to do the same on server see what happen if you have multiple NIC cards it also causes the problem in 2008 if you run nslookup on server and it also fails then report back
0
 

Author Comment

by:TechLad
ID: 33553766
Yeah I think I can explain most of that becouse I have multipal DNS servers and it was very slow internet access with Forefront as my router has DNS my forefront has DNS and my domain controller has DNS aswell
0
 
LVL 77

Expert Comment

by:arnold
ID: 33554517
Which has the DHCP server? You can configure the DHCP to include the settings for the DNS which should point the LAN systems to the DC/Domain DNS. External DNS does not have a wqy to resolve the localdomain.  You might want to point the forefront DNS to the Domain DNS servers.

Are you using a GPO to set the Proxy on the clients?
Within the same section where you define the proxy option, there is a section where you can exempt the LAN as well as specific sites from going through the proxy.

 
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

So the following errors occurs in 2 ways that I am aware of at this stage, and you receive one of the following error messages: ERROR 1. When trying to save a rule: No Web listener is specified for the Web publishing rule Autodiscovery Publishin…
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question