I have an ISA 2006 (over Windows 2003 R2) operating as an edge firewall that protects an Exchange 2003 (over Windows 2003 R2), also located in the internal network.
The Exchange 2003 has OWA installed and we use SSL 443 connection to ISA and the Internet. The certificate is installed in both the Exchange (which is also the Domain Controller) and ISA Server.
We have previously installed an ISA 2004, following Liran Zamir's excellent ISA 2004 - OWA 2003 guides, and all worked well. However, when we replaced the ISA 2004 with the new 2006 version, there were some differences, as the listener no longer accepts OWA authentications.
The ISA 2006 is part of the Domain and the Administrator password for the ISA Server and the Domain are the same. The problem is that when we access the OWA over the external network, we can load the OWA using the Administrator account. However, when we use any other account (including another one with Administrative rights in the domain) we can't log in, and the received message is:
"The session could not be started in the ISA Server. Make sure that the User Name in the domain and the password are correct. Then, try again."
The OWA listener specifies "HTML Form Authentication" authentication method and "Windows (Active Directory)" validation method. The Authentication Delegation is "Basic authentication".
All this works fine for the "Administrator" account. However, once we use any other account there are access problems. The connection times out, and the ISA displays the mentioned message.
Does anyone have an idea of what could be wrong? I will really appreciate any help.
Best Regards,
Igor Sotelo.
< Message edited by Igor Sotelo -- 20.Feb.2007 1:15:17 PM >
This one has been solved. I didn't notice that the RDP client was logging in to the ISA 2006 computer and not the domain. The Administrator could enter the OWA, because it's registered in the server and the domain with the same password.
The access to OWA works fine when there is no one logged in or when the log-in is made to the domain. However, if there is someone that logs in to the ISA 2006 computer the OWA becomes inaccessible.