Problems after moving ISA into DMZ (Full Version)

All Forums >> [ISA Server 2004 Cache] >> General


phseven -> Problems after moving ISA into DMZ (15.Sep.2005 12:25:00 PM)

Any advise would be greatly appreciated.

I had a successful working ISA server with an SSL OWA and Radius Authentication when the ISA server and Exchange server were in the same subnet.
The ISA server is configured with a single network card.
This Internal network was behind a firewall, and the ISA address was behind NAT.

The ISA server is now in a DMZ.
I done some reconfiguration in order to support the new placement by changing IP addresses, etc. but I cannot get OWA to work again. Other things do work.
The following topology is in place.

Internet - FW1 - Router - ISA server
........................FW2 - Internal network

The ISA server has an outside address on the Network card, and any internal traffic is routed via the Router to the Internal network. FW2 provided a NAT address between Internal and External.

I can access the ISA server from the Internal network.
I can use the ISA server as a proxy server from the Internal Network.

My OWA config used to request the client for an SSL certificate, then provide a Radius authentication page, before allowing OWA access.
This no longer works.
Now I get a Radius Auth request but no certificate request.
Radius appears to be working, as my logs show this, and the ISA log shows https denied.
Very strange.

Can anyone provide an insight.
Ask questions if you need.
Many thanks

tshinder -> RE: Problems after moving ISA into DMZ (18.Sep.2005 11:32:00 AM)


A single NIC ISA firewall?

Check my sig!

Relegating this post to the Web proxy section.


Page: [1]