• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

http error

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 General] >> General >> http error Page: [1]
Login
Message << Older Topic   Newer Topic >>
http error - 1.Jul.2006 4:08:19 AM   
andfirth

 

Posts: 83
Joined: 19.Feb.2004
From: Netherlands
Status: offline
hi,tom

I get an error in the publishing rule for websites.  I imported the xml file from isa 2004 to isa 2006 which goes fine.
before in isa 2004 I don,t get the error.
this is the error when I try to go to my published website.
Error Code: 403 Forbidden. ISA Server is configured to block HTTP requests that require authentication. (12250)

where can i change this . I can't find out where it is configured

thanks andy
Post #: 1
RE: http error - 1.Jul.2006 6:51:35 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Andy,

Disable the HTTP protocol on the listener so that only SSL connections are allowed.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to andfirth)
Post #: 2
RE: http error - 2.Jul.2006 2:57:36 PM   
andfirth

 

Posts: 83
Joined: 19.Feb.2004
From: Netherlands
Status: offline
Hit tom

But if I disable http in the listener, I must use ssl and then  I have a problem with the listener because I configured OWA already for port 443.
I can't use same port twice. Before I solved this in isa 2004  with publishing on http (80) and OWA with https, this works fine for me.
Am I forced to use ssl in isa 2006?. I prefer to use http in my situation, so my question is how can I configure http  without getting these error that is isa server is configured to block http requests?.

let me kow 

(in reply to tshinder)
Post #: 3
RE: http error - 3.Jul.2006 6:33:51 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Andy,

If you don't use SSL, then your credentails are passed in the clear and easily stolen by anybody with a network sniffer.

That is why the ISA firewall is protecting you from doing this.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to andfirth)
Post #: 4
RE: http error - 3.Jul.2006 11:28:29 AM   
andfirth

 

Posts: 83
Joined: 19.Feb.2004
From: Netherlands
Status: offline
hi tom

I understand that ssl is more secure, but how I handle the fact that I when I want to publish OWA and a website both with ssl?
I cannot use  another listener for the same port? how can I get this work?

Andy


P.S I found out myself already how to solve the http error block message . You can configure it in the advanced properties in the listener tab authentication  advanced properties then enable allow client authentication over http.

< Message edited by andfirth -- 3.Jul.2006 12:39:32 PM >

(in reply to tshinder)
Post #: 5
RE: http error - 4.Jul.2006 4:03:10 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Andy,

You can create an SSL listener and an HTTP listener separately. You don't have to enable both SSL and HTTP on the same listener (which is never required or recommended).

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to andfirth)
Post #: 6
RE: http error - 4.Jul.2006 4:26:59 PM   
andfirth

 

Posts: 83
Joined: 19.Feb.2004
From: Netherlands
Status: offline
hi tom , I think you misunderstand my point.

It was not the meaning to create one listener to enable ssl  and http both. I know how to create one listener for http( 80) and one for ssl (443).
My point was when you want to publish a website with ssl and to publish owa with ssl on the same time you cannot create 2 listeners who has both ssl enabled. you can usae port 443 only once per listener. S I like to know how you can configure both with ssl enabled.

thanks Andy

(in reply to tshinder)
Post #: 7
RE: http error - 4.Jul.2006 4:53:14 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Andy,

You want to publish two SSL sites?

First step is to determine what FQDN is used to access those sites. Then we can go from there.

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to andfirth)
Post #: 8
RE: http error - 4.Jul.2006 6:32:05 PM   
andfirth

 

Posts: 83
Joined: 19.Feb.2004
From: Netherlands
Status: offline
hi tom

the internal site name is ariel.breda.nwb. the published site name is ariel.xs4all.nl
For exchange it already working with https://ariel.xs4all.nl/exchange .
the common name for the certicate is ariel.xs4all.nl
the isa firewall can resolve the owa published site with the local ip from the machine exchange is running
so finallly is must be https://ariel.xs4all.nl to reach my published website.

thanks
Andy

(in reply to tshinder)
Post #: 9
RE: http error - 6.Jul.2006 5:39:57 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Andy,

OK, good. But you said you wanted to publish a second site. Wasn't that the problem?

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to andfirth)
Post #: 10
RE: http error - 7.Jul.2006 11:42:39 AM   
andfirth

 

Posts: 83
Joined: 19.Feb.2004
From: Netherlands
Status: offline
hi tom,

I 'll make it more clear for you.

my public domain name is ariel.xs4all.nl

I want to publish a website with  https://ariel.xs4all.nl
I want to publish the owa website with https://ariel.xs4all.nl/exchange.

My main question is how  I configure the listeners to use twice the same ssl port 443. as far as I know you can not use the same port twice for two listeners ( one for the website and one for OWA).

Are you understand what I try to say?

thanks
Andy

(in reply to tshinder)
Post #: 11
RE: http error - 9.Jul.2006 7:21:33 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Andy,

You can do that with one listener.

You create two rules:
1. For the OWA site, which includes the OWA site paths
2. For the other site, which includes the paths for that site

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to andfirth)
Post #: 12
Network Access Message Error code 502 - 18.Aug.2006 5:06:03 PM   
Hansa

 

Posts: 8
Joined: 18.Aug.2006
From: Belgium
Status: offline
Dear all,,
at the moment I have a problem requesting an URL
https://www.test.com:8443
And as a result I receive the following message.




Network Access Message: The page cannot be displayed






 






Technical Information (for Support personnel)

Error Code: 502 Proxy Error. The specified Secure Sockets Layer (SSL) port is not allowed. ISA Server is not configured to allow SSL requests from this port. Most Web browsers use port 443 for SSL requests. (12204)
IP Address: 10.10.10.5
Date: 8/18/2006 12:55:53 P

My configuration is SBS2003 Premium with SP1.
ISA2004 SP2.
Can someone help me with a step by step procedure. My experience is not so well with ISA2004 SP2.
I suppose I must activate a port?
Kind regards,

Hans


(in reply to andfirth)
Post #: 13
RE: Network Access Message Error code 502 - 20.Aug.2006 11:59:37 PM   
gja

 

Posts: 50
Joined: 15.Aug.2006
From: The Netherlands
Status: offline
By default ISA only allows HTTPS trafic on port 443, with the following script this can be changed.

--
Dim root  ' The FPCLib.FPC root object
Set root = CreateObject("FPC.Root")

Dim isaArray    ' An FPCArray object
Set isaArray = root.GetContainingArray()
isaArray.ArrayPolicy.WebProxy.TunnelPortRanges.AddRange("AllSSL",1,65000)
isaArray.Save
--

 
Run this script on your ISA server and all ports will be allowed for HTTPS
 
good luck.

(in reply to Hansa)
Post #: 14
RE: http error - 11.Sep.2006 5:12:09 AM   
come2

 

Posts: 7
Joined: 29.Jan.2005
From: Taiwan
Status: offline
Hi,
I have same problem with you. And after I create a new HTTP publish rule, then it can work.

(in reply to andfirth)
Post #: 15

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 General] >> General >> http error Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts