• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA 2006 not talking to Exchange 2003 back-end server

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> ISA 2006 not talking to Exchange 2003 back-end server Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA 2006 not talking to Exchange 2003 back-end server - 7.Nov.2006 3:58:02 PM   
hunglikethor

 

Posts: 112
Joined: 12.Oct.2006
Status: offline
There is no front-end server in my configuration. Error Code 403 forbidden appears when i try to access the web site externally. I am able to access the site internally via SSL without problem. I looked at the packets coming into and out of the ISA server; nothing is reaching the Exchange server. My Setup is as follows, taken directly from the firewall rule (that I created) tab:

....

Action: Allow

Application Settings: "Use customized HTML forms instead of the default" (checked)
Custom HTML from set directory: Exchange
Published server logoff URL: ?Cmd=logoff
Logon type provided to the Exchange server: As selected by user(public or private)
Exchange Publishing Attachment Blocking: nothing checked

Authentication Delegation: Basic Authentication

Bridging: Web Server -> Redirect requests to SSL port 443 (checked)

From: Anywhere

To: https://exchange.internaldomain.local/exchange
Computer name or IP address: exchange.internaldomain.local
Forward the original host header instead of the actual one (checked)
Proxy Requests to published site: Requests appear to come from the ISA Server computer (checked)

General: Name: OWA - Exchange, Enable box checked

Link Translation: Apply link translation to this rule (checked)

Applied Link Translation Mappings (Rule: OWA - EXCHANGE)
View Mode: Main Mappings Only All Mappings
Public Name: webmail.externaldomain.com (could not fit all on same line; top URL is Original, Bottom is Translated URL

Original URL Translated URL
http://webmail.externaldomain.com:80/public https://webmail.externaldomain.com/public
Rule Defined: OWA - EXCHANGE


http://webmail.externaldomain.com/public https://webmail.externaldomain.com/public
Rule Defined: OWA - EXCHANGE


https://webmail.externaldomain.com:443/public https://webmail.externaldomain.com/public
Rule Defined: OWA - EXCHANGE


https://webmail.externaldomain.com/public https://webmail.externaldomain.com/public
Rule Defined: OWA - EXCHANGE


http://webmail.externaldomain.com:80/exchweb https://webmail.externaldomain.com/Exchweb
Rule Defined: OWA - EXCHANGE


http://webmail.externaldomain.com/exchweb https://webmail.externaldomain.com/Exchweb
Rule Defined: OWA - EXCHANGE


https://webmail.externaldomain.com:443/exchweb https://webmail.externaldomain.com/Exchweb
Rule Defined: OWA - EXCHANGE


https://webmail.externaldomain.com/exchweb https://webmail.externaldomain.com/Exchweb
Rule Defined: OWA - EXCHANGE


http://webmail.externaldomain.com:80/oma https://webmail.externaldomain.com/OMA
Rule Defined: OWA - EXCHANGE


http://webmail.externaldomain.com/oma https://webmail.externaldomain.com/OMA
Rule Defined: OWA - EXCHANGE


https://webmail.externaldomain.com:443/oma https://webmail.externaldomain.com/OMA
Rule Defined: OWA - EXCHANGE


https://webmail.externaldomain.com/oma https://webmail.externaldomain.com/OMA
Rule Defined: OWA - EXCHANGE


http://webmail.externaldomain.com:80/exchange https://webmail.externaldomain.com/Exchange
Rule Defined: OWA - EXCHANGE


http://webmail.externaldomain.com/exchange https://webmail.externaldomain.com/Exchange
Rule Defined: OWA - EXCHANGE


https://webmail.externaldomain.com:443/exchange https://webmail.externaldomain.com/Exchange
Rule Defined: OWA - EXCHANGE


https://webmail.externaldomain.com/exchange https://webmail.externaldomain.com/Exchange
Rule Defined: OWA - EXCHANGE


http://webmail.externaldomain.com:80/microsoft-server-activesync https://webmail.externaldomain.com/Microsoft-Server-ActiveSync
Rule Defined: OWA - EXCHANGE


http://webmail.externaldomain.com/microsoft-server-activesync https://webmail.externaldomain.com/Microsoft-Server-ActiveSync
Rule Defined: OWA - EXCHANGE


https://webmail.externaldomain.com:443/microsoft-server-activesync
https://webmail.externaldomain.com/Microsoft-Server-ActiveSync
Rule Defined: OWA - EXCHANGE


https://webmail.externaldomain.com/microsoft-server-activesync https://webmail.externaldomain.com/Microsoft-Server-ActiveSync
Rule Defined: OWA - EXCHANGE


http://https://exchange.internaldomain.local/exchange:80/public https://webmail.externaldomain.com/public
Rule Defined: OWA - EXCHANGE


http://https://exchange.internaldomain.local/exchange/public
https://webmail.externaldomain.com/public
Rule Defined: OWA - EXCHANGE


https://https://exchange.internaldomain.local/exchange:443/public
https://webmail.externaldomain.com/public
Rule Defined: OWA - EXCHANGE


https://https://exchange.internaldomain.local/exchange/public
https://webmail.externaldomain.com/public
Rule Defined: OWA - EXCHANGE


http://https://exchange.internaldomain.local/exchange:80/exchweb
https://webmail.externaldomain.com/Exchweb
Rule Defined: OWA - EXCHANGE


http://https://exchange.internaldomain.local/exchange/exchweb
https://webmail.externaldomain.com/Exchweb
Rule Defined: OWA - EXCHANGE


https://https://exchange.internaldomain.local/exchange:443/exchweb
https://webmail.externaldomain.com/Exchweb
Rule Defined: OWA - EXCHANGE


https://https://exchange.internaldomain.local/exchange/exchweb
https://webmail.externaldomain.com/Exchweb
Rule Defined: OWA - EXCHANGE


http://https://exchange.internaldomain.local/exchange:80/oma
https://webmail.externaldomain.com/OMA
Rule Defined: OWA - EXCHANGE


http://https://exchange.internaldomain.local/exchange/oma
https://webmail.externaldomain.com/OMA
Rule Defined: OWA - EXCHANGE


https://https://exchange.internaldomain.local/exchange:443/oma
https://webmail.externaldomain.com/OMA
Rule Defined: OWA - EXCHANGE


https://https://exchange.internaldomain.local/exchange/oma
https://webmail.externaldomain.com/OMA
Rule Defined: OWA - EXCHANGE


http://https://exchange.internaldomain.local/exchange:80/exchange
https://webmail.externaldomain.com/Exchange
Rule Defined: OWA - EXCHANGE


http://https://exchange.internaldomain.local/exchange/exchange
https://webmail.externaldomain.com/Exchange
Rule Defined: OWA - EXCHANGE


https://https://exchange.internaldomain.local/exchange:443/exchange
https://webmail.externaldomain.com/Exchange
Rule Defined: OWA - EXCHANGE


https://https://exchange.internaldomain.local/exchange/exchange
https://webmail.externaldomain.com/Exchange
Rule Defined: OWA - EXCHANGE


http://https://exchange.internaldomain.local/exchange:80/microsoft-server-activesync
https://webmail.externaldomain.com/Microsoft-Server-ActiveSync
Rule Defined: OWA - EXCHANGE


http://https://exchange.internaldomain.local/exchange/microsoft-server-activesync
https://webmail.externaldomain.com/Microsoft-Server-ActiveSync
Rule Defined: OWA - EXCHANGE


https://https://exchange.internaldomain.local/exchange:443/microsoft-server-activesync
https://webmail.externaldomain.com/Microsoft-Server-ActiveSync
Rule Defined: OWA - EXCHANGE


https://https://exchange.internaldomain.local/exchange/microsoft-server-activesync
https://webmail.externaldomain.com/Microsoft-Server-ActiveSync
Rule Defined: OWA - EXCHANGE



Listener: Networks: External
Port(HTTP): Disabled
Port(HTTPS): 443
Certificate: exchange.internaldomain.local
Authentication: FBA with AD
Always Authenticate: No

Paths: External Paths <same as internal>
Internal Paths: /public/*, /OMA/*, /Microsoft-Server-ActiveSync/*, /Exchweb/*, /Exchange/*

Public Name: webmail.externaldomain.com

Traffic: HTTPS, Require 128-bit encryption for HTTPS traffic (checked)

Users: All Authenticated Users, All Users

....

This smells of a Link Translation Issue on ISA. The fact that it is sending no traffic to the Exchange Server (and the Exchange Server is receiving no traffic from ISA) leads me to believe that the rule is not correct.

Thanks in advance for any help!

Edward Ray
Post #: 1
RE: ISA 2006 not talking to Exchange 2003 back-end server - 7.Nov.2006 9:39:51 PM   
hunglikethor

 

Posts: 112
Joined: 12.Oct.2006
Status: offline
Made some changes based on Tom Schindler's Part Three Article in ISA 2006/Exchange 2003 cocktail.


No change, still unable to connect externally.


Edward Ray

(in reply to hunglikethor)
Post #: 2
ISA 2006 still not talkingnot talking to Exchange 2003 ... - 8.Nov.2006 7:07:49 PM   
hunglikethor

 

Posts: 112
Joined: 12.Oct.2006
Status: offline
But getting closer.  Got to a Web link for ISA Server 2006, but when I typed in the username and password I go the same "Error Code: 403 Forbidden. The server denied the specified Uniform Resource Locator (URL)."
 
I looked at some prior postings on this type of error but have figured out why ISA will not send ANY communication at all to the Exchange Server.

(in reply to hunglikethor)
Post #: 3
RE: ISA 2006 not talking to Exchange 2003 back-end server - 8.Nov.2006 7:09:30 PM   
hunglikethor

 

Posts: 112
Joined: 12.Oct.2006
Status: offline
BTW, forms based authetication is disabled on Exchange Server 2003.

(in reply to hunglikethor)
Post #: 4
RE: ISA 2006 not talking to Exchange 2003 back-end server - 10.Nov.2006 4:34:19 PM   
hunglikethor

 

Posts: 112
Joined: 12.Oct.2006
Status: offline
Adding "/exchange" to the end of my URL fixed the problem. Created a Link Translation so that users would only have to type in "https://webmail.netsecdesign.com"

Edward Ray

(in reply to hunglikethor)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> ISA 2006 not talking to Exchange 2003 back-end server Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts