Hello all. Sorry for my English… I have a problem about publishing WSS, that installing in one server with ISA Server. Initial data. What need. Full security (SSL) access to internal portal for our company.
Server: Windows 2003 SE SP2 + last updates. 3 NIC's: 1. Real IP 2. 192.168.8.17 (local network) 3. 192.168.10.100 (vpn) Internal server name is 'vpn-server'. WSS3.0 Fresh download from Microsoft Download. All work well – in IE the URL 'http://vpn-server' shows SharePoint website. AAM is configured to 'https://intranet.company.com' for Internet zone. Extend existing web application is not using. The server is not in Windows domain (standalone).
ISA: ISA Server 2006 SE, SP1, KB925403, KB939455 One standart publishing rule (done with master): From Anywhere To vpn-server Bridging: HTTP only Traffic: HTTP, HTTPS Listener: External (manual introduced external real IP), connections on 80 and 443 ports without redirections HTTP to HTTPS, certificate (added with selfssl.exe utility with name 'intranet.company.com'), SSO is not enabled, HTLM form authentication (Windows AD), Public name: intranet.company.com Users: All authenticated users. All other settings made by default.
The publish rule is first in list.
Problem. When I connected from outside to https://intranet.company.com and enter valid login and password (local administrator of this server) I see my WSS site. But when I try to open any document library in Explorer View my browser is hangs…
In ISA logs I see denied by default rule connections from outside to server with HTTP protocol. I know, that when IE trying to connect to WSS to URL with Explorer View, it create new iexplore.exe process, that works with Windows WebClient Services.
I tired to redirect in weblistener all HTTP traffic to HTTPS, but it did not works. So, I am added new rule, that allow HTTP traffic from External network to Localhost for all users, and then all work fine – Explorer View is opened, but with ~10 sec. delay. But this method is not allowed – anybody has connected to our 'secure' internal web portal without any security, entering in browsers http://intranet.company.com