quote:

---

Originally posted by dmolley:
Update - after I post a new message, I am able to view the recent posts..
It's like a cache somewhere is not being updated..
How do I view the replies without posting a reply?

Thanks for responding Mr. Shinder.
Yes I have (I think) a split DNS arrangement..
this is my configuration:
The DC/WebServer/DHCP/Exchange server (yes it is a bit overloaded) also has my internal DNS setup on it. All clients are directed here for DNS. This server forwards to the ISA server which has a caching only DNS server on it. The ISA caching only DNS server forwards to my ISP's DNS.
On a separate server located outside of my ISA network (directly on the internet) is my external DNS server.
Have I screwed up here?

---

quote:

---

Originally posted by Money Penney:
Nice articles Tom. I have helped many a people do this stuff with some documentation I put together (mainly for SBS users), so I know that this is a hot topic.

One Suggestion I have is never leave a setting or switch unexplained if it is crucial or specific to the setup. For example the "Allow Delegation of basic authentication credentials". I did not have this set until I just read your articles, but it was working and am unsure what effect this switch will have. Otherwise the articles are looking good!

I do a lot of work for Small organisations, often they have SBS or a similar setup with a single machine doing everything but answer the phones.

I have many Exchange 2000 OWA sites running around the place all secured with ISA and this has been very successful to date. If anyone wants help with doing all this with SBS let me know (maybe I can help you create an adition to your articles Tom?)

With the Exchange 2003 OWA sites I have running at the moment I set them up some time ago before seeing your documents, based on my experience with 2000, and they work pretty well but for one strange thing...

Every now and then when accessing the site externally some of the frames will appear with an error message about encryption being required. Right clicking and selecting refresh often causes the page to load correctly.

I bridge SSL to HTTP (terminate SSL at ISA) as being on the same machine there is no real need to encrypt between ISA and IIS.

Any thoughts?

---

Hi MP,

I updated the information in this series in the docs in the ISA Server 2000 Exchange 2000/2003 Deployment Kits.

There is information in ISA Server and Beyond on how to publish an OWA site located on the ISA firewall, and I do use SSL to SSL bridging, which works quite nicely Not required, but gets around the need to perform a registry hack (although the hack is not required if you use FP1 and the OWA Wizard).

HTH,
Tom

(in reply to tshinder)

quote:

---

Originally posted by dmolley:
GOT IT!

I just needed to restart the ISA system after modifing the HOSTS file.
Everything works as advertised!

Thanks again Tom

---

quote:

---

Originally posted by MarcoAdmin:
we never get a logon screen. Just this error.
I ran some tests to try and determine if it is IIS or ISA causing this issue, and with a new simple one page web site set up on our win2k3 server(the one hosting exchange) the web site is inaccessable even set on anonymous access or with basic or windows integrated authentication.
This leads me to believe that the error is in IIS not with ISA, but please correct me if I am mistaken. I am wondering if the IIS lockdown tool could help me or maybe causing the error. I have been a Network Engineer for several years now, but this is really my first foray into exchange and OWA, and I am a bit lost as to where to go next.

These errors do occur both from internal clients and from internet clients.

I did check into the destination sets and from what I can figure they seem to be correct.

I again thank you for your time on this matter.

---