• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Intermittent "Denied Connection" HTTP 401 unauthorized

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> General >> Intermittent "Denied Connection" HTTP 401 unauthorized Page: [1]
Login
Message << Older Topic   Newer Topic >>
Intermittent "Denied Connection" HTTP 401 una... - 7.Feb.2013 9:17:38 PM   
anonj

 

Posts: 1
Joined: 7.Feb.2013
Status: offline
Our ISA server is intermittently producing Denied Connection errors on multiple Web Publishing Rules. This happens 2-3 time a week now. During the outage, all external users are repeatedly prompted for credentials during any GET/POST. All authentication attempts are successful internally during the outage, and there are no Failure Audits logged in AD or on the IIS server. The only errors I've found are in ISA, so I assume the issue is somehow related to ISA.

One interesting note: During the failure the "Destination" IP is logged as the public IP (IP used in the listener). This is logged as the internal IP address when working correctly. I initially assumed this was DNS related, but the publishing rule is pointing to the internal IP in the "To" tab (not using FQDN).

Note 2: The problem always resolves itself within a few minutes.

Listed below is the "Denied Connection" message. Any help on this is much appreciated.

Denied Connection
Log type: Web Proxy (Reverse)
Status: 12239 The server requires authorization to fulfill the request. Access to the Web server is denied. Contact the server administrator.
Rule: host.domain.net
Source: - (xx.xx.xx.xx)
Destination: - (xx.xx.xx.xx:443)
Request: POST http://host.domain.net:443/Something2.asmx?
Filter information: Req ID: 106119b0; Compression: client=No, server=No, compress rate=0% decompress rate=0%
Protocol: https
User: anonymous

< Message edited by anonj -- 7.Feb.2013 10:58:48 PM >
Post #: 1
RE: Intermittent "Denied Connection" HTTP 401... - 25.Feb.2013 4:18:21 PM   
pwindell

 

Posts: 2244
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
That is not an error.
It is a procedural notification

ALL outbound HTTP is always attempted by the User's Browser anonymously on the first attempt.

The User's Browser will not switch to passing authentication until it is first DENIED and then authentication is requested.

So all first attempts are denied,..authentication is requested,...authentication is provided,...the second attempt with authentication succeeds.

Please note in your post that the Status says that Authentication is required and notice that the User is listed as Anonymous

_____________________________

Phillip Windell

(in reply to anonj)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> General >> Intermittent "Denied Connection" HTTP 401 unauthorized Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts