Hi jason; i have a very simple configuration: i have an one-armed ISA with one webpublishing rule. the webclient uses ISA as proxy-server on Port 80. the webpublishing rule forwards the request to the webserver depending on username and password. (local uses on ISA server). This works fine with HTTP Authentication in the listener. But not with HTML/FBA Authentication. I changed only the Authentication method within the listener.
there is no active directory or dns in this scenario.
Logging:
Denied Connection ISA2006 28.04.2009 16:56:43 Log type: Web Proxy (Reverse) Status: 12232 The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. Rule: web_publish Source: (192.168.100.10) Destination: (192.168.100.1:80) Request: GET http://192.168.100.12/testweb/ Filter information: Req ID: 06c47754; Compression: client=No, server=No, compress rate=0% decompress rate=0% ; FBA cookie: exists=no, valid=no, updated=no, logged off=no, client type=unknown, user activity=yes Protocol: http User: anonymous
Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
What auth method are you using with FBA?
I assume you have enabled the "Allow authentication over HTTP" option?
It sounds like ISA is not domain joined?
What form error do you actually get?
I've done quite a few single-NIC FBA deployments for people who wanted ISA in a DMZ or as an internal authentication gateway and FBA behaved exactly the same as mulit-homed...My ISA Servers are always domain joined though...
Cheers
JJ
< Message edited by Jason Jones -- 28.Apr.2009 11:57:14 AM >