Solved

Internal Website displays "Network Access Message: The page cannot be displayed"  on Forefront TMG

Posted on 2010-08-29
12
5,071 Views
Last Modified: 2012-05-10
Hi,

I'm having problems trying to access an internal website from behind a Forefront TMG server. When I try and access this server i'm greeted with "Network Access Message: The page cannot be displayed"

Technical Information (for support personnel)
Error Code: 403 Forbidden. Forefront TMG denied the specified Uniform Resource Locator (URL). (12202)
IP Address: 10.0.0.12
Date: 29/08/2010 14:52:12 [GMT]
Server: SRV-004.mjncomputers.co.uk
Source: proxy

 
0
Comment
Question by:TechLad
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
  • 2
  • +1
12 Comments
 
LVL 11

Expert Comment

by:mattibutt
ID: 33553365
have you looked at the IIS configuration like everything is congiured FQDN etc ? have you tried to open as https instead of http
0
 
LVL 5

Expert Comment

by:adaroc
ID: 33553436
0
 

Author Comment

by:TechLad
ID: 33553508
mattibutt:

I've tryed a number of things still no luck. I can access the web server from the TMG computers thats hosting it my typing http://srv-004, however unable to do that on any of the client machines.

unable to access the server my typing srv-004.domain-name.com either
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 11

Assisted Solution

by:mattibutt
mattibutt earned 333 total points
ID: 33553514
i am assuming firewall is not an issue you have your firewall correctly configured?
0
 
LVL 11

Expert Comment

by:mattibutt
ID: 33553518
i think in server 2008 it sets two names one for inernal use and one for external what did you put on external have put it on different ports to see the effect maybe the port is already used by something else
0
 
LVL 11

Expert Comment

by:mattibutt
ID: 33553525
is your dns setting correct try to run nslookup from client machine to check your server dns settings
0
 
LVL 11

Expert Comment

by:mattibutt
ID: 33553569
http://www.computing.net/answers/networking/cant-access-external-website/40133.html
can you have a look at this its basically saying the internal and external address should be different is that correct in your case?
0
 
LVL 78

Accepted Solution

by:
arnold earned 167 total points
ID: 33553612
You might want to exempt the internal traffic from going through the Forefront TMG or configure TMG to allow the traffic originating from the LAN to return through the forefront TMG to the LAN server.
Presumably it is used as a proxy.  Exempt LAN local traffic from going through the proxy and permit direct connection.
0
 

Author Comment

by:TechLad
ID: 33553682
mattibutt:

I did nslookup on a client machine and this is the resualts

C:\Docuements and Settings\admin>nslookup
***carn't find server name for address 10.0.0.10: None-existent domain
***Defualt server's are not available
Defualt Server: unknown
Address: 10.0.0.10

arnold:

How would I be able to try exempting local traffic from passing though the proxy server ? not 100% sure on doing that.
0
 
LVL 11

Assisted Solution

by:mattibutt
mattibutt earned 333 total points
ID: 33553684
seems to me your dns server is not correctly configured try to do the same on server see what happen if you have multiple NIC cards it also causes the problem in 2008 if you run nslookup on server and it also fails then report back
0
 

Author Comment

by:TechLad
ID: 33553766
Yeah I think I can explain most of that becouse I have multipal DNS servers and it was very slow internet access with Forefront as my router has DNS my forefront has DNS and my domain controller has DNS aswell
0
 
LVL 78

Expert Comment

by:arnold
ID: 33554517
Which has the DHCP server? You can configure the DHCP to include the settings for the DNS which should point the LAN systems to the DC/Domain DNS. External DNS does not have a wqy to resolve the localdomain.  You might want to point the forefront DNS to the Domain DNS servers.

Are you using a GPO to set the Proxy on the clients?
Within the same section where you define the proxy option, there is a section where you can exempt the LAN as well as specific sites from going through the proxy.

 
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question