Our ISA server is intermittently producing Denied Connection errors on multiple Web Publishing Rules. This happens 2-3 time a week now. During the outage, all external users are repeatedly prompted for credentials during any GET/POST. All authentication attempts are successful internally during the outage, and there are no Failure Audits logged in AD or on the IIS server. The only errors I've found are in ISA, so I assume the issue is somehow related to ISA.
One interesting note: During the failure the "Destination" IP is logged as the public IP (IP used in the listener). This is logged as the internal IP address when working correctly. I initially assumed this was DNS related, but the publishing rule is pointing to the internal IP in the "To" tab (not using FQDN).
Note 2: The problem always resolves itself within a few minutes.
Listed below is the "Denied Connection" message. Any help on this is much appreciated.
Denied Connection Log type: Web Proxy (Reverse) Status: 12239 The server requires authorization to fulfill the request. Access to the Web server is denied. Contact the server administrator. Rule: host.domain.net Source: - (xx.xx.xx.xx) Destination: - (xx.xx.xx.xx:443) Request: POST http://host.domain.net:443/Something2.asmx? Filter information: Req ID: 106119b0; Compression: client=No, server=No, compress rate=0% decompress rate=0% Protocol: https User: anonymous
< Message edited by anonj -- 7.Feb.2013 10:58:48 PM >