I am trying to access application which uses the web..but everytime i try go on this program i get the following error..
The request failed with HTTP status 407: Proxy Authentication required (the ISA Server required Authorisation to fulfill the request. Access to the Web Proxy is denied)
I have checked on the ISA logs and this is the error log
Denied Connection UKNS003 6/18/2009 11:04:41 AM Log type: Web Proxy (Forward) Status: 12209 The ISA Server requires authorization to fulfill the request. Access to the Web Proxy service is denied. Rule: deny internet Source: Internal (uknl207.nikonopticaluk.local 10.100.8.77:0) Destination: External ( 10.100.8.1:3128) Request: POST http://demo.optix.co.uk/oeconfigws_trunk/service.asmx Filter information: Req ID: 0c429a13 Protocol: http User: anonymous
I have tried adding the Request POSt but no luck...all normal websites work for me..
Any suggestions. I even tried removing the Deny Internet rule..but no luck
From: Southern California
It appears that your access rule requires authentication, but your web application is not handling the challenge for authentication (HTTP 407) appropriately. You'll need to either remove the requirement for authenticaiton on the rule (not a good idea), investigate ways that your application can more appropriately handle the challenge for authentication, or use the Firewall Client as it always provides authentication with each request. If you are going to use the Firewall Client, make sure you configure the ISA firewall to bypass the web proxy for this domain so that the communication is handled by the Firewall Client.
Many thanks for the help...im still a bit confused this application i am using is from another vendor....but when i try run the app without our proxy enabled...i can get to the login page...but if i tick the proxy....i get the error message on 1st post..
Im not sure how to do this as we dont use the firewall client on the ISA...just the proxy to specify what sites users can go on...
Firewall is disabled we use another firewall which is working fine as without the proxy i can get to the login of this page....
From: Southern California
This is precisely my point...it works through your other firewall because it is not capable of performing authentication, so your application works. The ISA firewall with its advanced capabilities can request authentication, and it does that via the HTTP 407 response (challenge for authentication). If you remove the authentication requirements from the access rule it should work, but of course now you won't be able to control access by users and/or groups. In this case you may want to create another access rule that allows anonymous access to this specific destination, and place that rule ahead of the rule that allows general authenticated access to all Internet destinations.