• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

server publishing not working

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Server Publishing >> server publishing not working Page: [1]
Login
Message << Older Topic   Newer Topic >>
server publishing not working - 22.Sep.2008 5:58:05 PM   
fres

 

Posts: 15
Joined: 22.Jun.2008
Status: offline
Hi
I am attempting to publish a web application with server puslishing that uses SSL x509 and a chat feature that runs on Port 8090 and it doesnt appear to be working. I have Shinder book for ISA 2004 and I am new to ISA. The book is helpful but I am now stuck.

I have ISA 2004 with 2 nic cards.
I configured the Internal network with all the IP ranges from my domain and the other domains in the forest.
I used the edgefire wall template and I created a Server Publishing rule for SSL traffic. I created a separate server publishing rule for the chat feature. I am not sure what protocol the chat feature uses. I set it up with TCP.
I am behind a hardware fire wall that has a NAT that exposes an IP on our LAN to the Internet.

I set up a Split DNS. I have SSL x509 installed on the server. I do not want to use bridging because I can not export the SSL Certificate from Apache Tom cat.

I use the same url externally to connect to the server as I do internally hence the split DNS.
I connected to my network from outside my Internal network from the Internet and The query in the monitoring didnt show a connection.. I connected to tha application that I am trying to publish and used the application and still the logging component is ISA  didnt show my connection. I was able to connect to the Web application with no problem. It looks like the ISA didnt do anything.

In addition to this problem the logging is showing a lot of denied netbios datagram and netbios name service. connections between the Internal Network and the local network.  The denied connection is due to the default rule.

I greatly appreciate any help.

THanks
Bruce
Post #: 1
RE: server publishing not working - 23.Sep.2008 4:06:39 AM   
Jason Jones

 

Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
Can you provide details of your server publishing rule?

What network relationship do you have between you Internal and External networks?

The denied connections are normal for "noisy" NetBIOS protocols...

Cheers

JJ

_____________________________

Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to fres)
Post #: 2
RE: server publishing not working - 23.Sep.2008 5:56:34 PM   
fres

 

Posts: 15
Joined: 22.Jun.2008
Status: offline
Jason

Thanks for the help. I have the default relationships
I have the following relationships
Internet access
Source network: Internal, Quarntined VPN clients and VPN clients
Destination Network is External
The relationship is NAT

After reading your note I added a network relationship
External to Internal with a NAT relationship but no luck

VPN CLients to Internal Network
Source Network Quarntined VPN Clinent and VPN Clients

Desitination Network external
Relationship Route

I also have the local host  access
Source network Local Host
destination All networks.
relationship: route
I believe I need a NAT relationship because I am attempting to publish an HTTPS web site with a server rule using tunnelling. I would look into using bridging but I can't export the SSL certificate from the server. The certificate is installed in Apache Tom Cat 4.1

(in reply to Jason Jones)
Post #: 3
RE: server publishing not working - 24.Sep.2008 6:29:40 PM   
Jason Jones

 

Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
Details of your publishing rule???

_____________________________

Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to fres)
Post #: 4
RE: server publishing not working - 26.Sep.2008 5:11:38 PM   
fres

 

Posts: 15
Joined: 22.Jun.2008
Status: offline
I have 2 server publishing rules
1. All Inbound TCP traffic from port 8090 from External
To the IP address of a server on the Internal Network
The check box "requests appear to come from ISA server is checked"
I am not sure that I should be using TCP traffic. I was told that the application uses streaming text. This publishing rule is supposed to allow the chat function to work.
Networks for the listener to listen on is External

2. HTTPS protocal
allow network traffic using HTTPS server from External to an IP Address of a server on the Internal network(the same server as the first rule)
The option requests appear to come from the ISA server computer is checked.
The Listener is set to listen on the external network.

Many thanks
Bruce

(in reply to Jason Jones)
Post #: 5
RE: server publishing not working - 28.Sep.2008 8:23:59 PM   
fres

 

Posts: 15
Joined: 22.Jun.2008
Status: offline
Jason

This might be a not so intelligent question but please bear with me

I have a Natted IP address from a hardware fire wall that exposes my Web application to the Internet. Does the ISA need to directly plug into that NATTED IP address?

Should we configure the Natted IP address to a port on our switch and should I plug the external NIC card directly into that port?

Currently I have the Internal and External Nic cards plugged into our LAN.

I hope that makes sense.

Thanks
Bruce

(in reply to Jason Jones)
Post #: 6

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Server Publishing >> server publishing not working Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts