Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Publishing exchange web through 2 ISA Servers

Status
Not open for further replies.
Campell

Campell

Programmer
Mar 25, 2002
6
US
I have a ISA Configuration looking like this:
Internet - ISA1 - DMZ - ISA2 - Intranet

The DMZ and Intranet are using 192.168.x.xxx addresses.

On the intranet is a Exchange Server 2000 with the "integrated" IIS web
mail functionality.

I want to read the web mail from internet and therfore trying to publish
the exchange webserver via ISA2 and publish the ISA2 via ISA1. Since
exchange web mail relies on hostname I need to push the hostname all the
way through both ISA servers.

However, doing this I get the following error message when i browse this
page from the internet:
403 Forbidden - The server denies the specified Uniform Resource Locator
(URL). Contact the server administrator. (12202)
Internet Security and Acceleration Server

Any tips or ideas?
 
Sort by date Sort by votes
Hi,

are you trying to publish SMTP-Server and/or OWA (Outlook Web Access)? But from what you write, I take it, it is OWA.

1. You need to open the appropriate ports. OWA "unsecure" uses HTTP (80 tcp) and OWA "secure" HTTPS (443 tcp)
2. Is your first ISA (the one on Internet and DMZ) configured to act as "Integrated"? If yes, you need to set the server to listen for incomming web-requests, for example and be sure to include the following paths; /exchange* /exchweb* and /public* if you want to publish public folders too. Tell the server where to forward these requests. Be sure that the ISA Server in the DMZ knows the route where to forward.
3. Your second ISA must allow inbound traffic from the first ISA server (OWA-traffic and SMTP only for example). Your first ISA Server is the only one allowed to forward inbound.

Hope this is useful information for you. If not, let me know.. I've been working with this a lot recently and finally got it working. :)

Cheers
Knut Erik
 
Upvote 0 Downvote
Thanks for trying =)

The problem was that isa cannot use "forward host name" through 2 ISA servers. At least that was the problem for me.
My solution was to:
exchange.mydomain.com <-from internet
forward this (w/o hostname) to my inner ISA
inner isa forwards to exchange.mydomain.com BUT!! this is an alias to my internal exchange server on my intranet and this connection is made with the host file.

It would be much easier if OWA didn't use the hostname in the links.

Tricky but it solved the problem.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
307
Johnkite
Johnkite
ChrisFairley
  • Locked
  • Question
Downloads failing through ASA 5520
Replies
1
Views
84
iggsterman
iggsterman
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
251
nnaarrnn
nnaarrnn
ISDPCMAN
  • Locked
  • Question
Cannot connect to TZ-215 Sonicwall appliance with web browser!
Replies
0
Views
80
ISDPCMAN
ISDPCMAN
Russtoleum
  • Locked
  • Question
SW GVC won't route traffic through sonicwall to offsite tunnel unless it leases an ip on the same su
Replies
1
Views
92
Russtoleum
Russtoleum

Part and Inventory Search

Sponsor

Back
Top