RE: OWA HTTPS [Enterprise] Default rule Denial

  • From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 19 Jan 2006 10:18:09 -0800

"/" is *NOT* part of the required Exch web publishing set. 
This si why it's not added as part of the weirdzard action.

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Young, Gerald G [mailto:Gerald.Young@xxxxxxxxxx] 
Sent: Thursday, January 19, 2006 09:41
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OWA HTTPS [Enterprise] Default rule Denial

http://www.ISAserver.org

Weird.

Adding "/" to the path list resolved the issue.  If that's required, why 
doesn't the wizard take care of it properly?

Jim, you said that you're $M5 (what is that? *8^)) is that the "/"
shouldn't be specified as one of the paths... ?

Cordially yours,
Jerry G. Young II
  MCSE (4.0/W2K)
Atlanta EES Implementation Team Lead
HHS Engineering
Unisys
 
11493 Sunset Hills Rd.
Reston, VA 20190
Office: 703-579-2727
Cell: 703-625-1468

THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.

-----Original Message-----
From: Young, Gerald G [mailto:Gerald.Young@xxxxxxxxxx]
Sent: Thursday, January 19, 2006 12:30 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OWA HTTPS [Enterprise] Default rule Denial

http://www.ISAserver.org

By default, when creating the rule using the wizard, the paths are set to just 
the following.  I have not changed these.

/exchange/*
/exchweb/*
/public/*

Should I add "/"?  In the past, when I've attempted to add "/*" ISA complains 
saying that that is the same as the others already specified.

Cordially yours,
Jerry G. Young II
  MCSE (4.0/W2K)
Atlanta EES Implementation Team Lead
HHS Engineering
Unisys
 
11493 Sunset Hills Rd.
Reston, VA 20190
Office: 703-579-2727
Cell: 703-625-1468

THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Thursday, January 19, 2006 12:23 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OWA HTTPS [Enterprise] Default rule Denial

http://www.ISAserver.org

Does you rule include the "/" path? 
My $.02 says "no".
My $M5 says it shouldn't, either.

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Young, Gerald G [mailto:Gerald.Young@xxxxxxxxxx]
Sent: Thursday, January 19, 2006 09:06
To: [ISAserver.org Discussion List]
Subject: [isalist] OWA HTTPS [Enterprise] Default rule Denial

http://www.ISAserver.org


All,

I'm having a problem with getting OWA working through ISA as expected.

If I point the URL for OWA to https://domain.com/exchange 
<https://domain.com/exchange> , a connection is made and the OWA page displays. 
 However, if I go to https://domain.com <https://domain.com> , I consistently 
get denied connections due to the [Enterprise] Default rule kicking in stating 
that the ISA server denied that URL.  The URL field in the logged event shows 
up as http://domain.com <http://domain.com>  instead of http://domain.com:443 
<http://domain.com:443> .  The same field when going to 
https://domain.com/exchange <https://domain.com/exchange>  shows up in the logs 
as http://domain.com:443/exchange <http://domain.com:443/exchange> .

Anyone know what's causing this behavior?

Since this is being logged by the Web Proxy Filter, I'm guessing something 
related to that configuration but I'll be damned if I can figure it out.

Cordially yours,

Jerry G. Young II

  MCSE (4.0/W2K)

Atlanta EES Implementation Team Lead

HHS Engineering

Unisys

 

11493 Sunset Hills Rd.

Reston, VA 20190

Office: 703-579-2727

Cell: 703-625-1468

THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
MATERIAL and is thus for use only by the intended recipient. If you received 
this in error, please contact the sender and delete the e-mail and its 
attachments from all computers.

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gerald.young@xxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gerald.young@xxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx To unsubscribe visit 
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 01-2006