We're having seriously annoying issues with reaching internal websites (actually : webinterfaces on routers/switches and printers) trough isa2004.
When trying to connect to a webinterface of a printer we get an errormessage:
Technical Information (for support personnel)
Error Code: 502 Proxy Error. The ISA Server denied the specified Uniform Resource Locator (URL). (12202) IP Address: 10.1.2.50 Date: 4/4/2006 1:58:21 PM Server: FW001.------.net Source: proxy
On the firewall we get the following message :
Original Client IP Client Agent Authenticated Client Service Referring Server Transport HTTP Method MIME Type Object Source Source Proxy Destination Proxy Bidirectional Client Host Name Filter Information Network Interface Raw IP Header Raw Payload GMT Log Time Source Port Processing Time Bytes Sent Bytes Received Cache Information Error Information Log Time Client IP Destination IP Destination Port Destination Host Name Protocol Action Rule Result Code HTTP Status Code Client Username Source Network Destination Network URL Server Name Log Record Type 10.1.10.1 - TCP - - - 4/4/2006 1:56:59 PM 1731 37000 9677 125558 0x0 0x0 4/4/2006 3:56:59 PM 10.1.10.1 10.1.2.50 8080 Unidentified IP Traffic Closed Connection 0x80074e20 FWX_E_GRACEFUL_SHUTDOWN Internal Local Host - FW001 Firewall 10.1.10.1 - TCP - - - 4/4/2006 1:57:01 PM 1734 0 0 0 0x0 0x0 4/4/2006 3:57:01 PM 10.1.10.1 10.1.2.50 8080 Unidentified IP Traffic Initiated Connection 0x0 Internal Local Host - FW001 Firewall
When I disable both the firewallclient and the webproxyclient the connection succeeds. Adding the ipaddress to the 'do not use proxyserver for addresses beginning with' does not make a difference, and fails.
On the propertiepage of the networks-internal-addresses tab the series 10.1.0.0-10.6.255.255 is included in the 'specify the ip-address range to include in this network' and in the webbrowser tab, the 'bypass proxy for webservers in this network' and the 'directly access the servers in this domain' is enabled. Also the 'directly access these servers or domains' includes the 10.1.0.0-10.6.255.255 range.