• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Publishing to a web farm ( internal site name )

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Web Publishing >> Publishing to a web farm ( internal site name ) Page: [1]
Login
Message << Older Topic   Newer Topic >>
Publishing to a web farm ( internal site name ) - 17.Nov.2006 8:53:03 AM   
hjadkins

 

Posts: 15
Joined: 8.Sep.2006
Status: offline
I need help understanding the web farm tab, in particular the internal site name textbox as what it relates to.  Is it an internal DNS entry the points to the servers in the web farm? Or is it the IIS header?  
 
Also, I’m having trouble with proxy requests option (“ requests appear to come the: “) , I would like to use “Original client who sent the request”, but if I do the firewall throws a “failed connection attempt”, my guess is I have a network rule which is wrong.
 
Does anyone have a link or doc in how to setup a web farm using ISA 2006 Enterprise? ( Edge Mode).  When I start Using certs or SSL it starts behaving strangly.
.
How about this one “Error Code: 500 Internal Server Error. An internal error occurred. (1359)" 
 
Thanks John
Post #: 1
RE: Publishing to a web farm ( internal site name ) - 20.Nov.2006 10:05:17 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi John,

Check out my article series on this site on how to create a Web Farm.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to hjadkins)
Post #: 2
RE: Publishing to a web farm ( internal site name ) - 27.Nov.2006 2:12:58 PM   
hjadkins

 

Posts: 15
Joined: 8.Sep.2006
Status: offline
Tom, Thanks for the reply, but ..

Can you post the link, I can't find an article relating to publishing a web farm for 2006, In particular the internal site name textbox and how it is used. 

I can only get SSL working if  the web servers think ISA server is the requester, not the orginal client.

I'm in the middle of a 2004 to 2006 enterprise migration and I'm stuck on a couple of SSL issues.

Thanks again john







(in reply to hjadkins)
Post #: 3
RE: Publishing to a web farm ( internal site name ) - 27.Nov.2006 4:18:56 PM   
hjadkins

 

Posts: 15
Joined: 8.Sep.2006
Status: offline
This is what I think I figured out.  The "Internal Site Name" is used as a common name so the ISA server(s) can match to a common cert name coming from the backend web servers(s).   In other words, the "Internal Site name" matches the name on my internal SSL cert used on my web site, if not you get the second error below.

Also what threw me for a while was, when applying rules to enterprise version of ISA 2006 with two servers in the array, it would take 1 to 4 minutes for the rules to go into affect.  I was thinking things wern't working, when they were, just took a few minutes in some cases, not being patient and shooting myself in the foot.

These are the errors I got and what I did to resolve them.

1.       Error Code: 500 Internal Server Error. The certificate chain was issued by an authority that is not trusted. (-2146893019)
a.       The cert used for the internal web server wasn’t imported into the ISA server(s) as a trusted root cert.  Remember to import into all ISA Enterprise servers that are part of the same array.
2.       Error Code: 500 Internal Server Error. The target principal name is incorrect. (-2146893022)
a.       Cert name doesn’t match the “Internal Site Name” defined in the web farm tab.  change the site name to match the name on the cert or recreate a new interal cert using selfcert.

I'm sure this is already stated somewhere else, but I couldn't find.

John

(in reply to hjadkins)
Post #: 4
RE: Publishing to a web farm ( internal site name ) - 27.Nov.2006 4:27:28 PM   
gja

 

Posts: 50
Joined: 15.Aug.2006
From: The Netherlands
Status: offline
About the synchronisation problem it is known. When you configure an array, after you click apply go to monitoring an got to the tab "configuration".  In that tab you can see if your config is "out-of-sync", "synchonizing" or "synced".

Sometimes you have to wait longer than the other. But now you dont have to test three times. Just wait for the config to be synced and then test it.

(in reply to hjadkins)
Post #: 5
RE: Publishing to a web farm ( internal site name ) - 30.Nov.2006 9:29:24 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
quote:

ORIGINAL: hjadkins

Tom, Thanks for the reply, but ..

Can you post the link, I can't find an article relating to publishing a web farm for 2006, In particular the internal site name textbox and how it is used. 

I can only get SSL working if  the web servers think ISA server is the requester, not the orginal client.

I'm in the middle of a 2004 to 2006 enterprise migration and I'm stuck on a couple of SSL issues.

Thanks again john









http://www.isaserver.org/pages/search.asp?query=Web+farm


_____________________________

Thomas W Shinder, M.D.

(in reply to hjadkins)
Post #: 6
RE: Publishing to a web farm ( internal site name ) - 10.Jan.2007 4:44:06 PM   
hjadkins

 

Posts: 15
Joined: 8.Sep.2006
Status: offline
Just a follow up to an old question I had, MS answer.
 
I found this relating to what "Internal Site Name" means when publishing to a web farm.
 
But, the last bullet has me worried about what happens if the computer I pick for the site name is off line?  I quess I will have to find out.
 
Specify an internal site name. When publishing a single Web server, the internal site name is used by ISA Server to locate the published server.
 
When you publish a Web server farm, the internal name is not used by ISA Server in this way. Instead, it is used as follows:
 





The internal name may be used for link translation. Web pages returned by a published Web server may include links to internal computer names and sites that cannot be resolved by external clients. To avoid broken links, the ISA Server Link Translation filter uses mapping to translate these internal links to publicly resolvable names. For each Web publishing rule, ISA Server automatically maps the internal name specified in the rule to the public name specified in the rule. For the internal name in the Web farm rule, you should specify the name that internal users will use to access the farm, and the internal name with which the Web farm might be referenced on Web pages and e-mail messages that external users may receive. If an application uses absolute links to itself, the internal site name should be the host name in those links.




When a browser application generates a request, it includes a host header that identifies the host specified by the user in the URL. By default, when ISA Server receives the request, it changes this host header to the internal name, and will use the internal site name you specified as the host header when connecting to Web servers in the farm. If you choose to use the original client host header instead of the ISA Server default setting, the internal name is not used.




When you configure a Web farm in an HTTPS-to-HTTPS bridging scenario, you can deploy a unique certificate on each server farm member, or use a single certificate for the Web farm object. If you use a single certificate, you must use the internal name specified in the publishing rule as the common name when creating the certificate.




Even if you do not need to make a Web farm available internally or account for link translation, the ISA Server rules engine needs to resolve the internal site name. In this case, we recommend that you set the internal name to the Domain Name System (DNS) name of one of the servers in the farm.
 
http://www.microsoft.atat.at/technet/isa/2006/deployment/wplb.mspx

(in reply to hjadkins)
Post #: 7

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Web Publishing >> Publishing to a web farm ( internal site name ) Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts