Hey Tom My redirect is the same as the name on the certificate which is mail.nusolutions.biz. The IP address in the listener is pointing to an external IP on the external interface of the ISA server. This public IP resolves to the FQDN mail.nusolutions.biz, which is what external users type to access the site. AAARRRGGHH!!!!! ________________________________ From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Thursday, April 29, 2004 7:43 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Certificate not appearing... http://www.ISAserver.org Hi Marvin, Look at the graphic on the top of this page: http://isaserver.org/articles/2004owapub.html Your redirect should match the name on the certificates. HTH, Tom Thomas W Shinder www.isaserver.org/shinder <http://www.isaserver.org/shinder> ISA 2004 Beta - Get it now! http://www.microsoft.com/isaserver/beta/default.asp <http://www.microsoft.com/isaserver/beta/default.asp> ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp <http://tinyurl.com/1llp> -----Original Message----- From: Marvin Cummings [mailto:marvin.cummings@xxxxxxxxxxxxxxx] Sent: Thursday, April 29, 2004 6:37 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Certificate not appearing... http://www.ISAserver.org I've done this a couple of times now and I still can't seem to get this to work. The only thing I've changed is the name from www.mydomain.com <http://www.mydomain.com/> to mail.mydomain.com. So now when I go to https://mail.nusolutions.biz/exchange I get the security alert and page not found but with the following error: 500 Internal Server Error - The target principal name is incorrect. (-2146893022) Internet Security and Acceleration Server After reading the article posted here: http://www.isaserver.org/tutorials/error505.html I've found that the web publishing rule doesn't resolve mail.mydomain.com, the name that's listed as the FQDN or common name in my certificate for this mail server. I have split DNS in place and it appears to be working. The email server resides in the domain and sits on the internal LAN unlike the web server which resides on the same network but sits in a separate workgroup. All public DNS records reside on this web server including one for mail.nusolutions.biz - 205.179.x.x. My question is how do I get the web publishing rule to resolve to mail.mydomain.com? The article says to "configure the web publishing rule to use the FQDN listed in the web server certificate's common name entry". This IS how it's configured and that name is mail.nusolutions.biz. I also tried the internal IP of this internal email server. What am I missing here? Thanks ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: marvc@xxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')
