• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA Server is configured to block HTTP requests that require authentication

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Web Publishing >> ISA Server is configured to block HTTP requests that require authentication Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA Server is configured to block HTTP requests that re... - 15.Oct.2006 10:42:07 PM   
chrepair

 

Posts: 14
Joined: 2.Oct.2006
Status: offline 		Hello.
I have been trying to get my ISA server 2006 running on Server 2003 R2 w/AD to authenticate users via IIS. The problem is this: I have a web site that requres users to log into specific areas as well as hosting general public areas on the same site. i also have other sites hosted on this same install of IIS.
I can not seem to get the ISA server to pass the authentication along no matter what I try. I keep getting this same error:
Error Code: 403 Forbidden. ISA Server is configured to block HTTP requests that require authentication. (12250)
I am not sure if ISA is even trying to contact the PDC of LDAP or whatever for authentication. I tried ever scenario of listener/rule configuration I know of.
I can get the web sites to dosplay properly but when a link is clicked to the passworded section is get 1 of two things...if i have the authenticatino off i get this:
Error Code: 403 Forbidden. The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. (12202)
If I turn any authentication on I get this:
Error Code: 403 Forbidden. ISA Server is configured to block HTTP requests that require authentication. (12250)
This one no part of the site at all comes in. The above error with the URL allows the sites to be displayed until I click a link to the passworded pages.
I really need some outside assistance with this.
http://chrepair.com if the total erroring site and if you go to http://www.chrepair.com and try the members link then the URL error appears. I have separate rules for the www and the no www links for testing.
Thanks in advance.
Post #: 1
RE: ISA Server is configured to block HTTP requests tha... - 16.Oct.2006 3:57:00 AM   
gb_brown

 

Posts: 3
Joined: 15.Oct.2006
Status: offline 		Hi,

I had this problem as well, which was driving me mad.  On your listner click on the "Authentication" tab and then "Advanced..." and check the box "Allow client authenticaion over HTTP".

HTH

Gareth


(in reply to chrepair)
Post #: 2
RE: ISA Server is configured to block HTTP requests tha... - 16.Oct.2006 10:36:11 AM   
chrepair

 

Posts: 14
Joined: 2.Oct.2006
Status: offline 		Hello and thanks for the reply.
I have it set that way now actually and as you probably seen it is still blocking.
I tried all the auth options and made sure the listeners options matched the rules options. I thought that listener option (as you described) would simply pass the password boxes from IIS to the user without any further toughts. I would like to configure this so that ISA talks to IIS and keeps the user at the firewall but I would be happy just to pass the auth requets strait through.
Is there a setting in the enterprise area or globaly somewhere that needs to be set to allow authentication? I don't have a book for ISA 2006 Ent. so I am not sure what criteria is needed in order for ISA to allow authentication. Does ISA automaticallly allow authentication if it is set up correctly or does it not allow it if it can't contact the active directory lists or what? I am at a loss because I don't know how this thing is internally programmed and Microsofts help is about useless on this subject.
Thanks again for the reply and I hope we can get this strait...it is driving me nuts.
Also, after changing things if I stop and restart the firewall service inside ISA would that allow for the rule/listeneer changes to be seen immediately? I know sometimes I have to wait till all connections die, or whatever, until a new rule starts working the way it is programmed.
Thanks.

(in reply to gb_brown)
Post #: 3
RE: ISA Server is configured to block HTTP requests tha... - 17.Oct.2006 10:02:49 PM   
chrepair

 

Posts: 14
Joined: 2.Oct.2006
Status: offline 		Hello again folks. Upon further looknig into this it appears that there is some setting in ISA SERVER 2006 Ent. that is a global allow or block for authentication. Can anyone tell me what this is or where to configure it at? If it is an automatic unblock when the settings are correct then my install is screwed up.
I REALLY need some advice/help with this from soemone woh knows and anyone who may have any kind of guess I would like to hear from too.
Thanks in advance to y'all.

(in reply to chrepair)
Post #: 4
RE: ISA Server is configured to block HTTP requests tha... - 20.Oct.2006 4:39:53 PM   
chrepair

 

Posts: 14
Joined: 2.Oct.2006
Status: offline 		No one has an answer?

(in reply to chrepair)
Post #: 5
RE: ISA Server is configured to block HTTP requests tha... - 22.Oct.2006 10:54:44 AM   
Erazor

 

Posts: 1
Joined: 22.Oct.2006
Status: offline 		Here is your solution:

Go to Enterprise just above Arrays and just under Microsoft Internet Security and Acceleration Server 2006.

Click on Enterprise Add-ins
In the right pane right click Authentication Delegation Filter
Click on disable

Apply your changes

You are done.

(in reply to chrepair)
Post #: 6
RE: ISA Server is configured to block HTTP requests tha... - 22.Oct.2006 11:04:57 AM   
chrepair

 

Posts: 14
Joined: 2.Oct.2006
Status: offline 		Thanks for the reply.

I did what you said and disabled the add in but this di not solve the problem.

Still getting:
Error Code: 403 Forbidden. ISA Server is configured to block HTTP requests that require authentication. (12250)

Any other ideas?

Thanks again.

(in reply to Erazor)
Post #: 7
RE: ISA Server is configured to block HTTP requests tha... - 22.Oct.2006 11:50:46 AM   
chrepair

 

Posts: 14
Joined: 2.Oct.2006
Status: offline 		I have solved the problem...I did not have a security certificate installed on the ISA server and once I installed a cert the authentication block was lifted.

(in reply to chrepair)
Post #: 8
RE: ISA Server is configured to block HTTP requests tha... - 23.Oct.2006 9:45:41 AM   
chrepair

 

Posts: 14
Joined: 2.Oct.2006
Status: offline 		One other note...the listener cert must match the cert for the web site or else you can not use ssl as isa spits out a warning that auth failed but isa will still pass on deligation for passworded pages via http even though the certs are different but users will get a warning stating the certs don't match.

(in reply to chrepair)
Post #: 9

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Web Publishing >> ISA Server is configured to block HTTP requests that require authentication Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts