English reference : http://support.microsoft.com/default.aspx?scid=kb;en-us;280132 > -----Original Message----- > From: Etienne Goetynck > Sent: mercredi 3 septembre 2003 15:05 > To: [ISAserver.org Discussion List] > Subject: [isalist] Re: Domain authentication problem > > http://www.ISAserver.org > > > - Firewall is a WatchGard Firewall > - Microsoft note is : http://support.microsoft.com/?kbid=280132 (My objective > is very similar, I would like publish a Sharepoint Portal Server). > - On my LAN, I have 2 DC > > I have no other choice than using "Domain Traffic" across Firewall. I must > keeping single sign on... and My "users database" is AD. > > My main problem is : sometimes, it's working perfectly (then I suppose my > configuration is'nt too bad) > > > > > > > > > > -----Original Message----- > > From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] > > Sent: mercredi 3 septembre 2003 14:50 > > To: [ISAserver.org Discussion List] > > Subject: [isalist] Re: Domain authentication problem > > > > http://www.ISAserver.org > > > > > > Without knowing : > > 1. what the inner firewall is > > 2. what reference you used (there are several) > > 3. how many domain controllers you use > > > > ..it's a little difficult to say what the real problem is. > > Have you traces the communications across the inner firewall while making > > these tests? > > > > Generally speaking, domain traffic across any firewall is problematic at > best > > and completely unsupported across ISA (on purpose; it's VERY insecure). > > > > Jim Harrison > > MCP(NT4, W2K), A+, Network+, PCG > > http://isaserver.org/Jim_Harrison/ > > http://isatools.org > > Read the help / books / articles! > > > > > > On Wed, 3 Sep 2003 14:43:34 +0200 > > "Etienne Goetynck" <Etienne.Goetynck@xxxxxxx> wrote: > > http://www.ISAserver.org > > > > > > Hello, > > > > > > > > I have the following problem, and I'm out of idea :-( : > > > > > > > > I have an ISA Server, configured as Reverse Proxy, in DMZ (Firewall is not > an > > ISA Server) > > > > This server publish the content of an another website, located in LAN. > > > > > > > > HTTPS and authentication are enabled for this access. Authenticated users > are > > from My Windows Domain, not from local server. (My ISA server is on a W2K > > server, integrated to my DOMAIN and all corrects ports are open on my > Firewall > > (following a note from Microsoft). > > > > > > > > All is functioning correctly... but only time to time. > > > > > > > > > > > > When I make a request on my website (from an external connexion), I receive > > authentication windows but, when I try to connect with a user, sometimes > it's > > OK, sometimes it's KO. > > > > > > > > When it's OK with the first user, I can try with a second one... and OK or > KO > > are possible. > > > > When it's KO with the first user, I can try with a second one... and OK or > KO > > are possible. > > > > > > > > Is anybody has a suggestion for me ? > > > > > > > > Thank you in advance > > > > > > > > Etienne > > > > > > > > > > > > ________________________________________________ > > Goetynck Etienne > > System Engineer Email : Etienne.Goetynck@xxxxxxx > > Business Solutions Builders website : http://www.bsb.com > > Place de l'université, 25 B-1348 Louvain-la-Neuve > > Belgium > > Phone : +32 (0)10 48.34.93 Fax : +32 (0)10 48.34.99 > > ________________________________________________ > > > > > > > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Other Internet Software Marketing Sites: > > Leading Network Software Directory: http://www.serverfiles.com > > No.1 Exchange Server Resource Site: http://www.msexchange.org > > Windows Security Resource Site: http://www.windowsecurity.com/ > > Network Security Library: http://www.secinf.net/ > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List as: > > jim@xxxxxxxxxxxx > > To unsubscribe send a blank email to $subst('Email.Unsub') > > > > ^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^* > > > > All mail from this domain is virus-scanned with RAV. > > www.ravantivirus.com > > > > ^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^* > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Other Internet Software Marketing Sites: > > Leading Network Software Directory: http://www.serverfiles.com > > No.1 Exchange Server Resource Site: http://www.msexchange.org > > Windows Security Resource Site: http://www.windowsecurity.com/ > > Network Security Library: http://www.secinf.net/ > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List as: > > etienne.goetynck@xxxxxxx > > To unsubscribe send a blank email to $subst('Email.Unsub') > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > etienne.goetynck@xxxxxxx > To unsubscribe send a blank email to $subst('Email.Unsub')