Internal Website displays "Network Access Message: The page cannot be displayed" on Forefront TMG

Hi,

I'm having problems trying to access an internal website from behind a Forefront TMG server. When I try and access this server i'm greeted with "Network Access Message: The page cannot be displayed"

Technical Information (for support personnel)
Error Code: 403 Forbidden. Forefront TMG denied the specified Uniform Resource Locator (URL). (12202)
IP Address: 10.0.0.12
Date: 29/08/2010 14:52:12 [GMT]
Server: SRV-004.mjncomputers.co.uk
Source: proxy

 
TechLadAsked:
Who is Participating?
 
arnoldCommented:
You might want to exempt the internal traffic from going through the Forefront TMG or configure TMG to allow the traffic originating from the LAN to return through the forefront TMG to the LAN server.
Presumably it is used as a proxy.  Exempt LAN local traffic from going through the proxy and permit direct connection.
0
 
mattibuttCommented:
have you looked at the IIS configuration like everything is congiured FQDN etc ? have you tried to open as https instead of http
0
 
AlexTechCommented:
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
TechLadAuthor Commented:
mattibutt:

I've tryed a number of things still no luck. I can access the web server from the TMG computers thats hosting it my typing http://srv-004, however unable to do that on any of the client machines.

unable to access the server my typing srv-004.domain-name.com either
0
 
mattibuttCommented:
i am assuming firewall is not an issue you have your firewall correctly configured?
0
 
mattibuttCommented:
i think in server 2008 it sets two names one for inernal use and one for external what did you put on external have put it on different ports to see the effect maybe the port is already used by something else
0
 
mattibuttCommented:
is your dns setting correct try to run nslookup from client machine to check your server dns settings
0
 
mattibuttCommented:
http://www.computing.net/answers/networking/cant-access-external-website/40133.html
can you have a look at this its basically saying the internal and external address should be different is that correct in your case?
0
 
TechLadAuthor Commented:
mattibutt:

I did nslookup on a client machine and this is the resualts

C:\Docuements and Settings\admin>nslookup
***carn't find server name for address 10.0.0.10: None-existent domain
***Defualt server's are not available
Defualt Server: unknown
Address: 10.0.0.10

arnold:

How would I be able to try exempting local traffic from passing though the proxy server ? not 100% sure on doing that.
0
 
mattibuttCommented:
seems to me your dns server is not correctly configured try to do the same on server see what happen if you have multiple NIC cards it also causes the problem in 2008 if you run nslookup on server and it also fails then report back
0
 
TechLadAuthor Commented:
Yeah I think I can explain most of that becouse I have multipal DNS servers and it was very slow internet access with Forefront as my router has DNS my forefront has DNS and my domain controller has DNS aswell
0
 
arnoldCommented:
Which has the DHCP server? You can configure the DHCP to include the settings for the DNS which should point the LAN systems to the DC/Domain DNS. External DNS does not have a wqy to resolve the localdomain.  You might want to point the forefront DNS to the Domain DNS servers.

Are you using a GPO to set the Proxy on the clients?
Within the same section where you define the proxy option, there is a section where you can exempt the LAN as well as specific sites from going through the proxy.

 
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.