I'm trying to configure a new ISA Server 2000 installation, integrated with Windows Small Business Server 2003 SP1 (the reason we're using ISA 2000 is that Symantec AV for ISA doesn't support 2004 as yet).
Anyway, I'm a total newbie at this, and I've run into a problem publishing Remote Web Workplace. Our setup looks like this:
SpeedStream ADSL modem (public IP / 10.0.0.138) ---> Netgear firewall/router (10.0.0.1 / 192.168.0.1) ---> SBS (192.168.0.40 / 10.17.1.254) ---> local network (10.17.1.xxx)
ISA rules: Permit all outbound traffic (just for testing!), the default SBS CEICW publishing rules (edited to direct from publishing.domain.local to www.domain.com.au), and a 444 publication rule.
I've set up a simple split DNS, and RWW/OWA/SharePoint etc can all be accessed via their proper domain names on the internal network. The same cannot be said, however, for external clients. When we try to access the site externally, http access works fine, but https does not. When we go to /Remote, the browser hangs. We can access /Remote/login.aspx (or whatever the URL is) but can't log in.
In the ISA log, we get a 302 message (redirect?) but no further information that I can discern. When I was playing around trying to fix the errors, for a time we would get 502 and 407 errors instead, but the reproduction steps elude me (I'd been bashing my head against this for two days straight before the Christmas break).
The bad part is that I think I've managed to stuff something up - RWW was working this morning, but SharePoint wasn't; it didn't work from RWW, and going to http://www.domain.com.au:444/ internally timed out. So I ran the VB script from the MS KB to add 444 into the SSL ports, added a new commercial SSL certificate to wwwroot, transferred the in-house SSL certificate to the SharePoint site and then ran the SBS wizard thingy (CEICW) again. The result: we can now access http://www.domain.com.au:444/ and http://www.domain.com.au/Remote/ internally, but neither SharePoint nor RWW is accessible outside the firewall - the connection just times out. Also, connecting to http://www.domain.com.au:443/ internally times out as well (maybe this is the problem?
The ISA log suggests it is forwarding the SSL connection to http://www.domain.com.au:443/ rather than https://www.domain.com.au/). Looking at the log on the Netgear, it appears as if the port forwarding is working. If I connect up a Linux box, I can https in all I want.
I'm really stuck -- and have probably missed something obvious -- so if you can help that would be great.
< Message edited by davidiwharper -- 4.Jan.2006 6:05:19 AM >