• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Secure page errors

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Cache] >> General >> Secure page errors Page: [1]
Login
Message << Older Topic   Newer Topic >>
Secure page errors - 18.Jun.2003 7:44:00 PM   
danahallenbeck

 

Posts: 27
Joined: 24.Jan.2003
Status: offline 		I have looked through the articles and message board messages and can't find anything that sounds like the problem I am having. So, if this is a repeat question, let me appologize up front...

Ok, here is the problem. I have an ISA configuration that looks something like this:
clients-->ISA-->checkpoint-->ISA-->checkpoint-->internet

The ISA servers are running in Cache mode.
When trying to access specific secure sites (requiring a login) I end up with a 401.1 Login Failed error after 3 login attempts. This only happens on the downstream ISA server and clients. The upstream ISA server accesses the site fine. If I point the downstream ISA server's IE proxy settings to the upstream ISA then I can get in fine from the downstream ISA server, but if I point it's proxy settings to itself I can't get into the site again. Again this happens on specific sites...not all secure sites.

Any ideas?

Thanks.

Dana Hallenbeck
Post #: 1
RE: Secure page errors - 23.Jun.2003 2:46:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Dana,

The upstream is isn't receiving the credentials, or does not recognize them. Are you exercising any access control on the upstream?

Thanks!
Tom

(in reply to danahallenbeck)
Post #: 2
RE: Secure page errors - 24.Jun.2003 6:23:00 PM   
danahallenbeck

 

Posts: 27
Joined: 24.Jan.2003
Status: offline 		Hi Tom,

I agree that the credentials just don't seem to be making it.
I have an upstream rule to allow all IP traffic (it is only in Cache mode) to any site, and then a blocking rule that applies to everybody except the downstream proxy.

Dana

(in reply to danahallenbeck)
Post #: 3
RE: Secure page errors - 1.Jul.2003 6:45:00 PM   
danahallenbeck

 

Posts: 27
Joined: 24.Jan.2003
Status: offline 		I have some ISA log data but have no idea how to decipher it. I don't want to post it here just due to size. Can I email it to you?

Dana

(in reply to danahallenbeck)
Post #: 4
RE: Secure page errors - 5.Jul.2003 5:36:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Dana,

You don't need a blocking rule. You just need the allow rule. Anything not allowed by the allow rule is denied.

HTH,
Tom

(in reply to danahallenbeck)
Post #: 5
RE: Secure page errors - 21.Jul.2003 8:32:00 PM   
danahallenbeck

 

Posts: 27
Joined: 24.Jan.2003
Status: offline 		Actually, the blocking rule is a SurfControl blocking rule not an ISA rule. It is only set to block Adult material and is otherwise open to all web requests.

Dana

(in reply to danahallenbeck)
Post #: 6
RE: Secure page errors - 23.Jul.2003 11:04:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Dana,

Oh! OK.

thanks!
Tom

(in reply to danahallenbeck)
Post #: 7

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Cache] >> General >> Secure page errors Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts