Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Web Publishing rule being ignored

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Web Publishing >> Web Publishing rule being ignored Page: [1]
Login
Message << Older Topic   Newer Topic >>
Web Publishing rule being ignored - 15.Sep.2008 12:25:10 PM   
Greenhorn

 

Posts: 2
Joined: 15.Sep.2008
Status: offline 		Hello all,

On ISA 2006, I have created a web publishing rule for a internal site for internal users. Now everything looks corrects, networking wise and the authentication is set up correctly too.  However I cannot get to the site at all, I always get the default denied rule.  It seems as though this rule is being ignored or not registering at all.  Does anyone have troubleshooting advice?

Greeny
Post #: 1
RE: Web Publishing rule being ignored - 18.Sep.2008 6:28:23 PM   
Greenhorn

 

Posts: 2
Joined: 15.Sep.2008
Status: offline 		Just thought I'd give a an update to anyone else stuggling with the same thing I am.
I turned on Diagnostic logging and after wading through the 100's events that were generated in a few minutes I found what I was looking for.

Event ID 30143

The connected client was not authenticated. Only policy rules that apply to all users, including anonymous users, can be evaluated for this request. If rule evaluation cannot be completed without user authentication, ISA Server will return a response with HTTP error 401 (Unauthorized) or 407 (Proxy Authentication Required), allowing the client to submit the request again with user credentials.

Because the client was not authenticated, ISA then only evaluates rules that require no User Authorisation/Authentication and the Web Publishing rule is missed out.

The Web publishing rule is aimed for a certain user group and the web listener is set for Authentication - Integrated only and the user is in the specified group.  So not sure why am I getting that event ID.

Any clues or hints?

(in reply to Greenhorn)
Post #: 2
RE: Web Publishing rule being ignored - 5.Oct.2008 11:36:24 PM   
joseph.a.paradi

 

Posts: 29
Joined: 20.Jun.2004
Status: offline 		One thing to be careful of is that NTLM auth will not work through any type of proxy situation.  Depending on how the clients are getting to the ISA server, if they have to pass through a proxy, NTLM will be broken.  You may try a test with basic auth just to check that traffic is flowing how you expect it.  Also, if your URL is FQDN, then you need to make sure IE has that FQDN in the Intranet zone and that the checkbox is checked to allow creds to be submitted automatically to sites in the intranet zone.  Otherwise, the ISA 401 response with the Negotiate header will not result in the client submitting any creds.

If I understand correctly, this is all happening within your corpnet so you will want to ensure that the web listener has the correct IP on the internal network to listen for traffic.

HTH,
Joseph

(in reply to Greenhorn)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Web Publishing >> Web Publishing rule being ignored Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts