Sharepoint Access via ISA returning 403 Error (Full Version)

All Forums >> [ISA 2006 Publishing] >> SharePoint Publishing


rod419 -> Sharepoint Access via ISA returning 403 Error (11.Jul.2011 1:08:15 AM)

In late May we started seeing an Issue where employees cannot access our SharePoint (2010) site when logging in from a location away from our main office.

We use Smart Cards to authenticate to the network locally, so when an employee is logged on here they are not prompted for credentials after the initial log in. Naturally they are required to enter their credentials when at one of our sattilte offices. Once they they enter their credentials/PIN they receive a 403 "the website declined to show this webpage" error.

If the same users try to access OWA with their credentials, they are able to access it without issue. The 403 error leads me to believe that the issue may be with the ISA server as supposed to the SharePoint server.

My focus now is trying to figure out where the handshake between the ISA and IIS/Sharepoint is failing. Right now it looks like the site is granting access, but the credentials are not being passed. I am just unsure why this is happening only to users off the HQ's domain.

In IAS I've taken a look at the Web Listener and it is configured exactly like the OWA listener (w/ the expected differences), and the Security logs. In those logs it shows where I attempted to log in from an offsite machine, and although I was NOT able to get in (403 error) there is no mention of a failure in the security logs.

The Pass-through authentication test passed, the the certificates on the IAS server were recently issued.

Anyone have any insight on what my nest step should be?

Page: [1]