Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Common Web Publishing Problems Part 1

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 General] >> Web Publishing >> Common Web Publishing Problems Part 1 Page: [1]
Login
Message << Older Topic   Newer Topic >>
Common Web Publishing Problems Part 1 - 21.Nov.2002 11:26:00 PM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline 		This thread is for the "Common Web Publishing Problems, Part 1" article at http://www.isaserver.org/tutorials/WebPubProblems.html

Thanks!
Tom

[ December 13, 2002, 08:44 AM: Message edited by: tshinder ]
Post #: 1
RE: Common Web Publishing Problems Part 1 - 22.Nov.2002 5:06:00 PM   
DrRAPH

 

Posts: 1
Joined: 22.Nov.2002
From: LUXEMBOURG
Status: offline 		Hi,

I have installed 2 Web Publishing Rules for two http servers and it works very well.
Now, I am trying to implement an SSL encryption and to switch to https for both these servers, but it does not work.

I have installed a certificate on the listener (Incoming Web Request) but it does not work.
I am trying to install a certificate on each of them (publishing rules)awhen I try to select a certificate in the Bridging flag, I get error message (There areno certificates configured on this server).

Can you help me ???????????????

(in reply to tshinder)
Post #: 2
RE: Common Web Publishing Problems Part 1 - 22.Nov.2002 6:07:00 PM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi DrRAPH,

Do you really need a client certificate on the ISA Server? That would only be used if the internal Web server requires a client certificate to authenticate. If so, then you need to obtain a machine certificate for the ISA server and copy it to the Web Proxy service's certificate store.

HTH,
Tom

(in reply to tshinder)
Post #: 3
RE: Common Web Publishing Problems Part 1 - 15.Jul.2003 4:17:00 PM   
cflint

 

Posts: 3
Joined: 15.Jul.2003
Status: offline 		I am trying to publish a web site (Microsoft Class Server) externally and internally. This runs on two W2K3 Enterprise servers running NLB using a private IP address of 192.168.203.247. Each server has it's own address, AASRV01 192.168.200.32 and AASRV02 192.168.200.33.
I have told the IIS service to only listen on the shared address and setup an internal DNS entry for class.domain.local that points to the shared address. This works fine if I navigate to http://class.domain.local internally.

I have setup a web publishing rule for the server that redirects mail.externaldomain.com/MicrosoftClassServer/* entries to the class.domain.local and this works fine from an external address. The mail.externaldomain.com address points to one of the external addresses on the ISA server.

My problem is that we want our students and staff to access the class server the same way internally. So if I point my browser at mail.externaldomain.com internally it resolves to 192.168.200.1 (internal address of the ISA server on our internal DNS server). This then gets passed to the 192.169.200.32 address on AASRV01 server which IIS is not bound to. It then fails to get the page. It also only uses AASRV01 not 02.

My questions then is why does it work externally properly by going to class.internal.local but fails to send it to the correct address when accessed internally. It keeps routing it to aasrv01 instead of class.internal.local.

Why???

(in reply to tshinder)
Post #: 4
RE: Common Web Publishing Problems Part 1 - 15.Jul.2003 10:21:00 PM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Clive,

You need a split DNS! Check out article by the same name over at www.isaserver.org/shinder

HTH,
Tom

(in reply to tshinder)
Post #: 5
RE: Common Web Publishing Problems Part 1 - 15.Jul.2003 10:58:00 PM   
cflint

 

Posts: 3
Joined: 15.Jul.2003
Status: offline 		Thanks for the quick reply.

I have a split DNS.

Externally the domain is hosted by our ISP and mail.... points to the external ip address on the isa server (used as it's the only address registered that points to our server, easier at the time).

Internally we have our DNS servers for AD and the entry in that one for mail..... points at the isa server internal address. The ISA server then deals with the address.

The powers that be want ALL access to the class server to go through the ISA server. Not sure if this is the best way.

Clive

(in reply to tshinder)
Post #: 6
RE: Common Web Publishing Problems Part 1 - 16.Jul.2003 4:42:00 AM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Clive,

OK, you have a split DNS, then the ISA Server is configured with the DNS server hosting your internal DNS zone for the same. The ISA Server has no knowledge at all of the external zone, since it has no need of this information.

Also, check out my article on Direct Access for Web Proxy clients over at www.isaserver.org/shinder You never never loop back through the ISA Server fireall to access internal resources, and Direct Access is the way to fix the problem.

HTH,
Tom

(in reply to tshinder)
Post #: 7
RE: Common Web Publishing Problems Part 1 - 16.Jul.2003 7:32:00 AM   
cflint

 

Posts: 3
Joined: 15.Jul.2003
Status: offline 		OK, thanks for that.

The only thing I find strange is that the ISa server is picking up the machine name of the host IIS server, not the virtual name that DNS has for it. Does ISa use NetBIOS?

Clive

(in reply to tshinder)
Post #: 8
RE: Common Web Publishing Problems Part 1 - 16.Jul.2003 2:13:00 PM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Clive,

What do you mean by the ISA Server firewall is picking up the machine name? How are you coming to this conclusion?

Thanks!
Tom

(in reply to tshinder)
Post #: 9
RE: Common Web Publishing Problems Part 1 - 11.Nov.2003 11:21:00 AM   
Guest
 Hi,

Having some big probs with one of our client's networks.

Installed a new 2k server recently with ISA server and Exchange.

Getting loads of the dreaded 14120 errors and dont have a clue what to do, DNS looks to be correct, but we only have one NIC in the server - does this have any effect?
The server is behind a firewall/router.
The errors are talking about packet filters etc for Web Proxy.
The other problem is that Exchange is collecting mail but not forwarding it to the mailboxes, is this an effect of 14120?

Please help ASAP

Regards

Jason

(in reply to tshinder)
  Post #: 10
RE: Common Web Publishing Problems Part 1 - 11.Nov.2003 11:42:00 AM   
Guest
 Forgot to mention that this is a single server network running both ISA and exchange.
The server is cabled directly to the router which is giving out dhcp to the rest of the network apart from the server which is specified ip.

Regards

(in reply to tshinder)
  Post #: 11
RE: Common Web Publishing Problems Part 1 - 11.Nov.2003 1:29:00 PM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Jason,

If this is a single NIC setup, you will *always* see the 14120 error. You can turn off the resource allocation alert if you don't want to see that error any longer.

HTH,
Tom

(in reply to tshinder)
Post #: 12
RE: Common Web Publishing Problems Part 1 - 15.Nov.2003 6:40:00 PM   
ferrp

 

Posts: 45
Joined: 5.Oct.2002
Status: offline 		Thanks Tom, This article solved my problems!

(in reply to tshinder)
Post #: 13
RE: Common Web Publishing Problems Part 1 - 16.Nov.2003 5:26:00 PM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Ferrp,

Great! Good to hear you got it working and thanks for the follow up!

Tom

(in reply to tshinder)
Post #: 14
RE: Common Web Publishing Problems Part 1 - 7.Jan.2004 7:26:00 PM   
fooddaman

 

Posts: 5
Joined: 7.Jan.2004
From: Indiana
Status: offline 		Hi,

I'm trying to setup an new ISA server to publish an internal web server externally. I currently have one setup and running fine, so I am pretty sure I have the steps down. The one difference is that the new server is in Cache only mode since I need it to be a unihomed device. I have reviewed your articles on the subject and I am still unable to make it work.

I have configured a destination set and the web publishing rule. When I try to test I get page cannot be displayed.

I have modified the host file of the ISA server in order to test the destination name internally. I have also tried to connect internally from another workstation with no luck.

I can access the web server directly from the ISA server if I type in it's internal address.

I'm stump, please help!

Thanks,

Brian

(in reply to tshinder)
Post #: 15
RE: Common Web Publishing Problems Part 1 - 7.Jan.2004 10:43:00 PM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Brian,

What are the details of the Web Publishing Rule and the NIC configuration on the unihomed Web Proxy?

Thanks!
Tom

(in reply to tshinder)
Post #: 16
RE: Common Web Publishing Problems Part 1 - 7.Jan.2004 11:00:00 PM   
fooddaman

 

Posts: 5
Joined: 7.Jan.2004
From: Indiana
Status: offline 		The web publishing rule is setup as follows;

Destination set: specific destination set
name - arsimages.unionfedbank.com\gw-html\*

Action is to redirect any requests to internal web server at 10.100.101.8 (which I can get to if I put this in the browser on the ISA server)

Bridging is set to forward HTTP requests as HTTP and SSL as HTTPS. I am only testing internally right now so, SSL is not necessary. Also, I did setup a HOST file to route the IP of the ISA server (172.27.3.100) as the arsimages.unionfedbank.com on the ISA server.

The network interface is setup with the IP address of 172.27.3.100; default gateway of 172.27.1.1; and then our DNS servers also.

Sorry, I'm an ISA newbie [Smile]

(in reply to tshinder)
Post #: 17
RE: Common Web Publishing Problems Part 1 - 8.Jan.2004 9:22:00 PM   
fooddaman

 

Posts: 5
Joined: 7.Jan.2004
From: Indiana
Status: offline 		Great news,

the web publishing started working! I'm not exactly sure why, but, I leave that to worry about another day.

Thanks for your help.

(in reply to tshinder)
Post #: 18
RE: Common Web Publishing Problems Part 1 - 9.Jan.2004 2:51:00 AM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Brian,

Great! Good to hear you got it working and thanks for the followup!

Tom

(in reply to tshinder)
Post #: 19
RE: Common Web Publishing Problems Part 1 - 1.Nov.2004 9:06:00 AM   
jpreou

 

Posts: 8
Joined: 5.Aug.2003
Status: offline 		Here's one for you then. I've spent the last few hours trying to get this going.
ONE server : Win2k3, ISA 2000, Exch2k3, DC, DNS.
Internal NIC 192.168.249.1
External NIC 10.0.249.1
Website1, port 80, also hosts OWA
Website2, port 85

I'm trying to get any request coming in from the Internet for 'www.domain1.com' to go to Website1 and any request for 'www.domain2.co.nz' to got to Website 2.

DNS for domain1.com and domain2.com is hosted externally, but I have added zones for both to the server with a 'www' record pointing to the internal NIC of the server.

I configured a destination set for 'www.domain2.co.nz' and then a web server publishing rule with the re-direction, but it didn't like it.

How do I get that whole port re-direction thing going on for 'www.domain2.co.nz' ?
[Confused]

(in reply to tshinder)
Post #: 20

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 General] >> Web Publishing >> Common Web Publishing Problems Part 1 Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts