• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

web publishing to ISA 2004 server

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Web Publishing >> web publishing to ISA 2004 server Page: [1]
Login
Message << Older Topic   Newer Topic >>
web publishing to ISA 2004 server - 26.Nov.2004 3:57:00 PM   
darianva

 

Posts: 42
Joined: 22.Feb.2003
From: london
Status: offline
hi all,

I have an ISA2004 firewall on win2003 server with IIS too.
Are there any tricks to publish a web site to the internet on the ISA server.
I have bound the site to the server internal IP address on port 80.
Is it true that IIS6 binds all IP address on port 80?
Do i need to disable socket pooling so i can create a rule from the internet to internal IP address on ISA server?
at the moment i am getting http denied when trying to access the site.
thanks
dazza
Post #: 1
RE: web publishing to ISA 2004 server - 26.Nov.2004 5:40:00 PM   
darianva

 

Posts: 42
Joined: 22.Feb.2003
From: london
Status: offline
So what i have done:
you dont need a web publishing rule!
bind the IIS site to the EXT IP on port 80
create a access rule that allows traffic from EXTERNAL to EXT IP address of ISA server!
and job done!
dazza

(in reply to darianva)
Post #: 2
RE: web publishing to ISA 2004 server - 28.Nov.2004 7:56:00 PM   
Richard Piotrowski

 

Posts: 8
Joined: 28.Nov.2004
Status: offline
But you've probably lost access to any useful information in your IIS log files. If not, how were you able to pass the originating IP address through to the logs?

(in reply to darianva)
Post #: 3
RE: web publishing to ISA 2004 server - 29.Nov.2004 10:32:00 AM   
darianva

 

Posts: 42
Joined: 22.Feb.2003
From: london
Status: offline
Hi,
Have you done something similar? and if so, how did you do it please?
As a normal web publishing rule was just not working!
thanks

(in reply to darianva)
Post #: 4
RE: web publishing to ISA 2004 server - 29.Nov.2004 5:11:00 PM   
Richard Piotrowski

 

Posts: 8
Joined: 28.Nov.2004
Status: offline
http://www.isaserver.org/articles/2004pubdmzservers.html

Look at the section just before his "Conclusion" at the bottom of the article.

I still haven't figured out how to "Publish." I'm using an "Access" rule, with this modification so the original IPs show up. (This is for a message board that allows you to track the visitors ip by clicking on a button. Without this modification, the feature was useless.)

[ November 29, 2004, 05:25 PM: Message edited by: Richard- ]

(in reply to darianva)
Post #: 5
RE: web publishing to ISA 2004 server - 1.Dec.2004 10:39:00 AM   
darianva

 

Posts: 42
Joined: 22.Feb.2003
From: london
Status: offline
Richard,

I have this resolved. It was all down to socket pooling.
I now have a web pub rule and that routes from ISA EXT IP address (web listener) to 192.168.1.3 (IP ADDRESS on ISA Server) and IP bound to IIS site!
Run httpcfg to see where/what IP's are used/listening by http.sys.
Run: httpcfg delete iplisten -i 0.0.0.0
or verify in REG that it doesn't exist.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters
Once you have done that run 'net stop http'
and then start it all: 'net start w3svc'
You can verify with a netstat also for seeing your listeners.
Then get rid of all the funny ISA rules and create a web pub rule.....thats all you need to do.
dazza

(in reply to darianva)
Post #: 6
RE: web publishing to ISA 2004 server - 2.Dec.2004 1:59:00 AM   
Richard Piotrowski

 

Posts: 8
Joined: 28.Nov.2004
Status: offline
I disabled socket pooling a couple of days ago. That didn't resolve the problem.

I've noticed that I get an Event ID: 14148 ("The Web Proxy filter failed to bind its socket to...") in the Application Log whenever the Web Publishing rule is enabled. I've seen other posts that lead me to believe that this is a common error while running IIS on the ISA server. If you've been able to get your Web Publishing Rule to work, then I've got some other problem that I need to figure out.

(in reply to darianva)
Post #: 7
RE: web publishing to ISA 2004 server - 2.Dec.2004 10:47:00 AM   
darianva

 

Posts: 42
Joined: 22.Feb.2003
From: london
Status: offline
Hi Richard,

the reason for that alert is due to a socket pooling error. Check that reg as i pointed out above, but most importantly was running httpcfg and ensuring 0.0.0.0 was NOT listed and restarting HTTP once you have done this. A restart of IIS will not do as the changes to HTTP.sys (httpcfg) are to a driver so you must restart http for the changes to take effect.

Let me know if you need a hand and I will take a look.

Darian

(in reply to darianva)
Post #: 8
RE: web publishing to ISA 2004 server - 2.Dec.2004 2:16:00 PM   
rmarais

 

Posts: 8
Joined: 29.Nov.2004
From: South Africa
Status: offline
I need help setting up my ISA server 2004. I am running a small network from home and want to host web content via DSL. I have the same setup as described in the http://www.isaserver.org/articles/isa2004beta2.html article. I am running Win2K3 with ISA 2004 on top. This box is also hosting my IIS websites that I want to host via host headers. In South Africa our telecoms provider bounces our IP every night to try and prevent hosting from home. We get away via DNS hosting companies (www.no-ip.com) - hosting our ever~changing IP's for us.

I have installed ISA and configured the internal NIC as the local LAN and the external NIC is connected to the DSL router. Exactly as in the article's picture. By default the ISA config blocks all comms in and out. I have setup the Firewall rule to allow Outgoing traffic - so the LAN and the ISA box can surf. The PAT setup on the router has been done to allow the comms on port 80 through to the correct IP of the ISA server (external NIC). Now....I have tried to get the Posting of a Web server working but with no luck. Could you walk me through the config behind this?

PS. I have had the hosting of the sites working through normal Win2K3 firewall settings, but with the ISA server install it stopped working.

I have now gone ahead and setup DNS local to the W2K3 box with forward lookup for the site I am hosting.
I can now browse this site with host headers from the local box, but not from outside.

Thanks

Righardt Marais
Software Configuration Manager Righardt.Marais@20twenty.com | mobile +27 82 444 7577 | direct +27 21 481 8538 | www.20twenty.com

(in reply to darianva)
Post #: 9
RE: web publishing to ISA 2004 server - 3.Dec.2004 1:25:00 PM   
darianva

 

Posts: 42
Joined: 22.Feb.2003
From: london
Status: offline
hi Righardt,
have you done any logging to see why the packets are being dropped and why your site cant be viewed publically?
are there any warnings in the event log?
have you checked httpcfg to see what IP are being used as listeners?
run a netstat to give you a better idea.

this should give you a good base to start troubleshooting from, as 99.9% its networking related.

let me know
darian

(in reply to darianva)
Post #: 10

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Web Publishing >> web publishing to ISA 2004 server Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts