• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Why is ISA trying to handle internal addresses?

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> General >> Why is ISA trying to handle internal addresses? Page: [1]
Login
Message << Older Topic   Newer Topic >>
Why is ISA trying to handle internal addresses? - 20.Nov.2007 11:32:41 PM   
jdmils

 

Posts: 94
Joined: 25.Jan.2006
Status: offline
I have an ISA server sitting on IP 10.0.3.48. It has two NICs:
  1. Internal: 10.3.0.48
  2. External: 192.168.5.8
I also have a non-domain server sitting on IP 192.168.5.129 acting as a web server. All my internal users (eg. 10.3.17.16 & 10.3.17.241) can access the web server from the internal network as the browsers bypass ISA to get there.

But there is one user who tries to access the web server via the IP address and for some reason, ISA is denying the request. Here's the log:
quote:

Original Client IP    Client Agent    Authenticated Client    Service    Server Name    Referring Server    Destination Host Name    Transport    MIME Type    Object Source    Source Proxy    Destination Proxy    Bidirectional    Client Host Name    Filter Information    Network Interface    Raw IP Header    Raw Payload    GMT Log Time    Source Port    Processing Time    Bytes Sent    Bytes Received    Result Code    HTTP Status Code    Cache Information    Error Information    Log Record Type    Authentication Server    Log Time    Destination IP    Destination Port    Protocol    Action    Rule    Client IP    Client Username    Source Network    Destination Network    HTTP Method    URL
0.0.0.0    Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)        Proxy    CLA-ISA    -    192.168.5.129    TCP    -                        Req ID: 028dc574; Compression: client=No, server=No, compress rate=0% decompress rate=0%                21/11/2007 3:38:49 AM    0    1    4317    444        12202 The ISA Server denied the specified Uniform Resource Locator (URL).     0x2    0x80    Web Proxy Filter    -    21/11/2007 2:38:49 PM    10.3.0.48    8080    http    Denied Connection    Default rule    10.3.0.93    SCL\LChin    Internal    Internal    GET    http://192.168.5.129/BO551/BOStart.html

quote:

Denied Connection CLA-ISA 21/11/2007 2:38:49 PM
Log type: Web Proxy (Forward)
Status: 12202 The ISA Server denied the specified Uniform Resource Locator (URL). 
Rule: Default rule
Source: Internal (10.3.0.93)
Destination: Internal (10.3.0.48:8080)
Request: GET http://192.168.5.129/BO551/BOStart.html
Filter information: Req ID: 028dc574; Compression: client=No, server=No, compress rate=0% decompress rate=0%
Protocol: http
User: SCL\LChin
 Additional information
Client agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
Object source: (No source information is available.)
Cache info: 0x2 (Request includes the IF-MODIFIED-SINCE header.)
Processing time: 1 MIME type: -


The user in question is only using the Proxy settings in IE- no firewall client. I tested the same user using Firefox and the same thing happens- they get the standard ISA denied the URL text in the browser window. However, the user can ping the server.

Can anyone explain this situation and why it is happening?

Extra info:

The two NICs of the ISA server are connected to two ports on our firewall- the internal port and the DMZ port. The network guy tells me this is to allow other traffic in and out but all HTTP/S/FTP is to go thru the ISA Server.

Thanks.

_____________________________

|
+-- JDMils
|
+-- Windows 2003 Server DC
+-- Windows 2003 Server hosting ISA 2006 Stnd SP2
|
Post #: 1
RE: Why is ISA trying to handle internal addresses? - 24.Nov.2007 2:33:26 PM   
mylo

 

Posts: 144
Joined: 26.Mar.2002
Status: offline
What have you defined as your internal network.. 10.3.0.0/16?

Regards,
Mylo

(in reply to jdmils)
Post #: 2
RE: Why is ISA trying to handle internal addresses? - 27.Nov.2007 3:49:55 PM   
jdmils

 

Posts: 94
Joined: 25.Jan.2006
Status: offline
My internal network is:

10.3.0.0 255.255.0.0
192.168.0.0 255.255.0.0
10.16.0.0 255.255.0.0

Thanks

_____________________________

|
+-- JDMils
|
+-- Windows 2003 Server DC
+-- Windows 2003 Server hosting ISA 2006 Stnd SP2
|

(in reply to mylo)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> General >> Why is ISA trying to handle internal addresses? Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts