• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Problems after moving ISA into DMZ

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Cache] >> General >> Problems after moving ISA into DMZ Page: [1]
Login
Message << Older Topic   Newer Topic >>
Problems after moving ISA into DMZ - 15.Sep.2005 12:25:00 PM   
phseven

 

Posts: 7
Joined: 15.Sep.2005
Status: offline
Any advise would be greatly appreciated.

I had a successful working ISA server with an SSL OWA and Radius Authentication when the ISA server and Exchange server were in the same subnet.
The ISA server is configured with a single network card.
This Internal network was behind a firewall, and the ISA address was behind NAT.

The ISA server is now in a DMZ.
I done some reconfiguration in order to support the new placement by changing IP addresses, etc. but I cannot get OWA to work again. Other things do work.
The following topology is in place.

Internet - FW1 - Router - ISA server
.........................|
.........................|
........................FW2 - Internal network

The ISA server has an outside address on the Network card, and any internal traffic is routed via the Router to the Internal network. FW2 provided a NAT address between Internal and External.

I can access the ISA server from the Internal network.
I can use the ISA server as a proxy server from the Internal Network.

My OWA config used to request the client for an SSL certificate, then provide a Radius authentication page, before allowing OWA access.
This no longer works.
Now I get a Radius Auth request but no certificate request.
Radius appears to be working, as my logs show this, and the ISA log shows https denied.
Very strange.

Can anyone provide an insight.
Ask questions if you need.
Many thanks
Post #: 1
RE: Problems after moving ISA into DMZ - 18.Sep.2005 11:32:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
ACK!

A single NIC ISA firewall?

Check my sig!

Relegating this post to the Web proxy section.

Thanks!
Tom

(in reply to phseven)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Cache] >> General >> Problems after moving ISA into DMZ Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts