I have a huge problem and I hope that you can help me out. I have already read this FAQ very thoroughly but I still have problems.

The IIS Setup:
I have an W2K Adv Server running ISA RC1 and IIS5.0. I have made two websites called www.jalokin.dk and www.js-art.com. Each site is in IIS 5.0 setup to listen on port 9999 and has their respective Host Header Name (e.g. www.js-art.com). The IP Adress is set to (All Unassigned) in the properties dialog box for the web site.

The ISA Setup:
I have made two destination sets called "For www.jalokin.dk" and "For www.js-art.com". "Computers in this set" is set to the respective domain name (e.g. www.js-art.com)

I have subsequently made two web publishing rules for the two sites. I select the respective destination set and under the Action tab I set "Destination Site" to the DNS name of the ISA/IIS server (I have also tried to set this value to e.g. www.js-art.com) and redirect HTTP requests to port 9999. In the list of web publishing rules www.js-art.com is #1 and www.jalokin.dk is #2.

The problem:
When I use a browser to connect to www.js-art.com I get the right page on the browser, but when I connect to www.jalokin.dk I only get a lot of page not found. The pages that are not found is referring to an old site (I can tell since there were a lot of frames in the old site) and not the new site.

I suspect that there is a cache involved that is not emptied, but I have set up the webpages to expire immediately in the IIS.

What's wrong with my setup???

I hope to hear from you soon.

Thanks
Nikolaj

------------------

Publishing multiple webs sites is easy, you just have to make sure that everything is in place.

1. Make destination sets
2. Make publishing rules
3. Make sure that you web sites are listening on the right IP address and port number
4. Make sure the web sites use either anonymous or basic authentication
5. Enable passing the original host headers if you need to take advantage of this feature.
6. Make the the appropriate DNS entries are point to the right Listener on the external interface of the ISA Server.

See you after the upgrade :-)

HTH,
Tom

------------------
Tom Shinder
http://www.isaserver.org/shinder/

Thanks for your reply.

I have now installed ISA Eval, but I had to make an IP Packet filter that used the predefined HTTP Server port 80, inbound to make it work.

I can browse my webpages from an external client, but I cannot do it from an internal (on the LAN) client.
When I do a ping www.js-art.com from the internal machine, it can resolve the name to the correct IP adress (the external) but it makes four "request timed out".

Do you have any ideas of what that could be?

Thanks in advance.

Nikolaj

P.S. What does HTH in your reply mean?

------------------

HTH = "Hope this Helps"

Hmmm. You should not have to create a packet filter to allow inbound HTTP requests after you publish your sites. Do you have packet filtering enabled? Do you perhaps have a deny filter in there somewhere for port 80 inbound? Of course, if you did have a deny filter for 80 inbound, the deny would override the allow filter, so it can't be that :-)

Are you running IIS on the same server? If so, you should disable all the IIS Services, which should have been disabled by the ISA Server setup program, but you should check that out to be sure.

When you say you cannot access the pages from internal clients, you're *not* talking about the ISA Server itself, are you? If you are trying to access pages on the ISA Server itself, you *do* need to create packet filters to allow the *outbound* request to the external interface of the ISA Server.

If you are talking about an actual internal client, sitting behind the internal interface of the ISA Server, make sure that you have a protocol rule and a site/content rule that lets you access your site and the HTTP protocol.

Are you using the SecureNAT, Firewall or Web Proxy client? The type of client determines how the Web Proxy Service is accessed.

In order to ping, you must have the client that you want to ping *from* configured as a SecureNAT client. Then you must enable "IP Routing" on the ISA Server.

HTH :-)

Tom

------------------
Tom Shinder
http://www.isaserver.org/shinder/

Thanks for the reply.

All IIS services are stopped.

I am talking about an internal client sitting on the LAN and I do have a protocol rule and a site/content rule that lets me access your site and the HTTP protocol.

I am using Firewall Client Software. I have tried to disable this software, and it doesn't work. On my DHCP server I have defined a default GW to be my Firewall's internal NIC.
When I ping with the Firewall Client Software the ping still gives a "request timed out"

I am able to access the internet from my internal client.

Do you have other suggestions?

Thanks
Nikolaj

Tell me how it goes

------------------
---------------
Ehud Tam
MCSE + Internet

Thanks for the reply. I will try it out tonight, when I come home. I'll let you know of the result.

Nikolaj

The clients are configured to use my internal DNS, and the DNS is configured to use IP Forwarders which are set to the DNS servers of my ISP.

Maybe I have misconfigured the domain name on the internal DNS.

Can you tell me how to do it correct?

Thanks.

Nikolaj

Now I can browse my webservers internally. I had only made destination sets on the domain names and not on the FQDN of the server internally. Furthermore the internal DNS was not correctly configured.

We can close this question now.

Thanks for all the replies.

Nikolaj

The SP can be found at Q275286.

Nikolaj

Good to hear you got it working. Thanks for the tip, too.

Tom

quote:

---

Originally posted by Nikolaj7:
Hi,

Now I can browse my webservers internally. I had only made destination sets on the domain names and not on the FQDN of the server internally. Furthermore the internal DNS was not correctly configured.

We can close this question now.

Thanks for all the replies.

Nikolaj

---

------------------
Tom Shinder
http://www.isaserver.org/shinder/