• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

No Active Directory Authentication - even when ISA Server is stopped

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 General] >> General >> No Active Directory Authentication - even when ISA Server is stopped Page: [1]
Login
Message << Older Topic   Newer Topic >>
No Active Directory Authentication - even when ISA Serv... - 15.Sep.2008 7:48:38 AM   
antandrades

 

Posts: 46
Joined: 14.Jul.2008
Status: offline
Hi all,

We have an ISA 2006 instance that we've put in a DMZ with the NOKIA firewall also performing NAT from the LAN to the DMZ. So the ISA has a class A ip NATted to class C by the firewall.

The server is a 2003 ENT SP2 (although I've uninstalled SP2).
Rules on the NOKIA firewall allow traffic out to a domain controller over the correct ports (53, 88, 389, 1026, 3268, 135) and also 3389 for RDP.
The server is an HP DL380 G4.

When the machine is on the LAN, I can log onto it using my domain credentials within seconds.
However, when the machine is back in the DMZ, it can take up to 40 minutes for the machine to authenticate me, or it just returns to the MSGINA asking me for my credentials.

Anyone any ideas how I can fix this?

Thanks,
Anthony
Post #: 1
RE: No Active Directory Authentication - even when ISA ... - 15.Sep.2008 8:30:47 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
You must have a route relationship between source and destination network for intradomain communications. If there is NAT anywhere in the path, it won't work becasue of Kerberos not supporting NAT.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to antandrades)
Post #: 2
RE: No Active Directory Authentication - even when ISA ... - 15.Sep.2008 8:33:15 AM   
antandrades

 

Posts: 46
Joined: 14.Jul.2008
Status: offline
Hi Tom,

Where do I go to implement that in ISA 2006?

Thanks

(in reply to tshinder)
Post #: 3
RE: No Active Directory Authentication - even when ISA ... - 15.Sep.2008 8:51:25 AM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
Hi,

Check Tom's Article here : http://www.isaserver.org/articles/2004perimeterdomain.html

HTH,
Tarek

< Message edited by elmajdal -- 15.Sep.2008 8:56:54 AM >


_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to antandrades)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 General] >> General >> No Active Directory Authentication - even when ISA Server is stopped Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts