Welcome to ISAserver.org

Web publishing not working on the ISA 2006

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA 2006 Publishing] >> Web Publishing >> Web publishing not working on the ISA 2006

Page: [1]

Message

<< Older Topic Newer Topic >>

Web publishing not working on the ISA 2006 - 18.Dec.2006 5:04:51 AM

activesoft

Posts: 2
Joined: 18.Dec.2006
Status: offline

Hi All I have a web publishing problem on the ISA 2006. I only work with ISA 2000, so not experienced on the ISA 2004/2006. Here is my test lab configuration.

ISA Server:
============
Ethernet adapter Perimeter:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Compaq NC3121 Fast Ethernet NIC #2
Physical Address. . . . . . . . . : 00-08-C7-D9-BE-B9
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.20.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
Ethernet adapter ASFT External:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Compaq NC3121 Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-50-8B-61-75-B6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.20
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 210.55.12.1
210.55.12.2
Ethernet adapter Internal:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI For Complete
PC Management NIC (3C905C-TX)
Physical Address. . . . . . . . . : 00-01-03-45-01-A6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.10.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
I have entered "testsite" on the ISA server local hosts file, [192.168.20.20 testsite]

WEB server, it is on the perimeter network:
===========================================
IP Address. . . . . . . . . . . . : 192.168.20.20
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.20.1
I setup a web site http://testsite on this web server (I have entered "testsite" on the web server local hosts file[192.168.20.20 testsite])

PC, it is on the internal network:
==================================
IP Address. . . . . . . . . . . . : 192.168.10.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.10.1
I have entered "testsite" on the pc local hosts file, [192.168.20.20 testsite]

I setup:
1) ISA server networks:
internal : 192.168.10.1 - 192.168.10.255
primeter : 192.168.20.1 - 192.168.20.255
asft external: : 192.168.0.1 - 192.168.0.255
2) 3-Leg Perimeter network template
3) set up a network rule to route from source network [internal,primeter,asft external] to [internal,primeter,asft external]
4) set up a firewal policy to allow ping from [internal,primeter,asft external] to [internal,primeter,asft external]
5) Set up web listener called "ASFt listener" with following properties:
Networks = [internal,primeter,asft external]
client connection type, enable http connections on port 80
authentication : no authentication
6) set up a web publishing rule:
Action : allow
From: anywhere
To: published site = testsite, computer name or IP address = 192.168.20.20, forward the original host header, Requests appear to come from the original client
Listerenr: "ASFt listener"
Public Name: this rule applies to all the rules

I thought I setup every thing right but some how the web publishing rule not working.
I can ping from [pc,webserver,isaserver] to [pc,webserver,isaserver], all working fine.
When I look at the monitoring log, the ISA server is Denied the connection by Default rule. It is not even processing the web publish rule, which is the first rule on the list.

I would appreciate if you guys tell me what I am doing wrong. I am very confused about the web publishing rule.
Thank you in advance.
Cheers
Raj

< Message edited by activesoft -- 18.Dec.2006 5:06:42 AM >

Post #: 1

Featured Links*

RE: Web publishing not working on the ISA 2006 - 19.Dec.2006 10:34:17 AM

tshinder

Posts: 47668
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Raj,

Check out the book link in my signature so that you can learn about the ISA 2004 Firewall, which works just about the same as the 2006 ISA Firewall.

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/

GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to activesoft)

Post #: 2

RE: Web publishing not working on the ISA 2006 - 20.Dec.2006 1:00:51 AM

activesoft

Posts: 2
Joined: 18.Dec.2006
Status: offline

Thanks Tom.
I am going to buy that book but it is going to take another couple of week cos ordering from Amazon.
At the mean time I fixed the issue, now every thing working fine.
Basically I made a silly mistake, host file entries were wrong.
Thanks you all.
Cheers
Raj

< Message edited by activesoft -- 20.Dec.2006 1:03:19 AM >

(in reply to tshinder)

Post #: 3

RE: Web publishing not working on the ISA 2006 - 20.Dec.2006 10:21:50 AM

tshinder

Posts: 47668
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Raj,

Great! Good to hear you got it working and thanks for the follow up!

Tom

_____________________________

Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/

GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to activesoft)

Post #: 4