Strange problem With Exchange 2003 OWA thru ISA 2000

• From: "Nicholas Palmer" <NICK@xxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 7 Mar 2006 09:55:00 -0800

Hi everyone,

I'm having a strange problem with my Exchange 2003 OWA.  My setup is the
following :

Windows 2003 server SP1 with Exchange 2003 SP2 with OWA
Windows 2000 server SP4 with ISA 2000 SP2 with FP1

So, my OWA has been working fine for as long as I can remember.  The
only problem I had was last fall when my certificate expired and I had
renew it.  But after I did that, no problems.  Then, starting about 2
weeks ago, users were getting denied access to the sight.  I know that
OWA still works because I am able to get to it from inside the network.
But whenever an external user tries to get to it, they get the page that
says that the site is not available.   I have run a packet monitor on
the ISA server and watched the traffic from my test client machine and
it gets to the ISA's external NIC, but then doesn't get thru.  Its like
ISA is all of a sudden blocking the traffic.  If I look at the IPPxxx
log file, I can see that ISA is in fact blocking the traffic :

#Software: Microsoft(R) Internet Security and Acceleration Server 2000
#Version: 1.0
#Date: 2006-02-27 00:26:03
#Fields: date   time            source-ip               destination-ip
protocol        param#1 param#2 filter-rule     interface
2006-02-27      21:41:43        209.XXX.YYY.SOURCE
209.XXX.YYY.TARGET      Tcp     60311   443     BLOCKED
209.XXX.YYY.TARGET
2006-02-27      21:41:45        209.XXX.YYY.SOURCE
209.XXX.YYY.TARGET      Tcp     60312   443     BLOCKED
209.XXX.YYY.TARGET
2006-02-27      21:41:47        209.XXX.YYY.SOURCE
209.XXX.YYY.TARGET      Tcp     60315   443     BLOCKED
209.XXX.YYY.TARGET
2006-02-27      21:42:31        209.XXX.YYY.SOURCE
209.XXX.YYY.TARGET      Tcp     60351   443     BLOCKED
209.XXX.YYY.TARGET
2006-02-27      21:42:34        209.XXX.YYY.SOURCE
209.XXX.YYY.TARGET      Tcp     60352   443     BLOCKED
209.XXX.YYY.TARGET
2006-02-27      21:42:36        209.XXX.YYY.SOURCE
209.XXX.YYY.TARGET      Tcp     60353   443     BLOCKED
209.XXX.YYY.TARGET
2006-02-27      21:43:58        209.XXX.YYY.SOURCE
209.XXX.YYY.TARGET      Tcp     60398   443     BLOCKED
209.XXX.YYY.TARGET
2006-02-27      21:44:00        209.XXX.YYY.SOURCE
209.XXX.YYY.TARGET      Tcp     60402   443     BLOCKED
209.XXX.YYY.TARGET
2006-02-27      21:44:03        209.XXX.YYY.SOURCE
209.XXX.YYY.TARGET      Tcp     60405   443     BLOCKED
209.XXX.YYY.TARGET
2006-02-27      21:46:45        209.XXX.YYY.SOURCE
209.XXX.YYY.TARGET      Tcp     60458   443     BLOCKED
209.XXX.YYY.TARGET
2006-02-27      21:46:48        209.XXX.YYY.SOURCE
209.XXX.YYY.TARGET      Tcp     60460   443     BLOCKED
209.XXX.YYY.TARGET
2006-02-27      21:46:50        209.XXX.YYY.SOURCE
209.XXX.YYY.TARGET      Tcp     60461   443     BLOCKED
209.XXX.YYY.TARGET

And this is what is so confusing and strange, since I haven't changed
anything in my ISA configuration.  The last thing I did to the box was
to apply the patch for KB911564 which I believe is for a vulnerability
in Media player and should have no affect on ISA, at least none that I
can find.  

Does anybody have any suggestions or clues as to what I might try.  My
next step was to remove the OWA publishing rule and try re-creating it.

Thanks
Nick

Other related posts:

• » Strange problem With Exchange 2003 OWA thru ISA 2000

1. Home
2. isalist
3. Archive
4. 03-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---