Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Uni-homed ISA, Auth issues.

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 General] >> Web Publishing >> Uni-homed ISA, Auth issues. Page: [1]
Login
Message << Older Topic   Newer Topic >>
Uni-homed ISA, Auth issues. - 2.Feb.2004 7:22:00 AM   
aaroneparker

 

Posts: 3
Joined: 2.Feb.2004
From: Brisbane, Australia
Status: offline 		I am configuring a uni-homed ISA Server in a DMZ which is web publishing a number of web sites to web servers in both the DMZ and internally. The first page that the user sees is accessed anonymously to display a number of links, including Outlook Web Access on Exchange 2000. The idea of this page is the the user only has to authenticate one to get to all of the published resources.

The configuration is as follows:

External Address:
- https://portal.company.com

Web Publishing Rule tested configurations
- Client --SSL--> ISA Server --SSL--> Web Server
-Client --SSL--> ISA Server --HTTP--> Web Server

External Certificates using Thawte
Internal Cerficates using internal CA

Web Publishing Rules
- https://portal.company.com/exchange ----> mail.company.com/exchange
- https://portal.company.com/intranet ----> www.company.com/intranet
- https://portal.company.com/support ----> www.company.com/support

When a user clicks on a link an authentication dialog is presented to the user to which they can successfully authenticate and the web page is displayed:

For example:
- Client --SSL--> portal.company.com/intranet --> www.company.com/intranet
- Client <--SSL-- portal.company.com/intranet <-- www.company.com/intranet, passes authentication successfully

However, on other links, ISA Server returns the name of the web server to the browser and thus an authentication dialog is shown again.

For example:
- Client --SSL--> portal.company.com/exchange --> mail.company.com/exchange
- Client <--SSL/HTTP-- mail.company.com/exchange, therefore user must authenticate again.

I need to find out why ISA Server is sending back the wrong host name to the browser rather than ensuring that the user's session only passed through ISA Server.

TIA
Aaron

[ February 02, 2004, 08:37 AM: Message edited by: aaroneparker ]
Post #: 1

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 General] >> Web Publishing >> Uni-homed ISA, Auth issues. Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts