RE: The kerberos subsystem encountered a PAC verification failure...ISA2K & W2k3...
- From: Marvin Cummings <MarvinC@xxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 22 Oct 2004 10:34:38 -0400
Correct. The site's accesible externally and internally nwo that I've
added it to my host file. My settings are listed as follows:
Back to Split-DNS
Internal IP: 192.168.1.8
External IP: 192.168.1.2
Router IP: 192.168.1.1
LAT: 192.168.1.0 - 192.168.1.255
Web Listener Config:
IP: 192.168.1.2
TCP Port: 80
SSL port: 443
Enable SSL Listeners box checked
Web Listener Properties Sheet:
Server: ISA server
IP Address: 192.168.1.2 - Maybe this is the problem????
Use a server certificate to authenticate to web clients - box unchecked
Authentication: Basic with this domain - box unchecked
Integrated box checked
thnks
On Fri, 22 Oct 2004 05:09:49 -0500, Thomas W Shinder
<tshinder@xxxxxxxxxxx> wrote:
> http://www.ISAserver.org
>
> Hi Marvin,
>
> I thought the other day we demonstrated that your site actually did
> work. We were presented with a certificate and a log on dialog box.
> Can't say what would have happened after that, though.
>
> What is the:
>
> EXACT IP address information on each of the ISA firewall's interfaces
> EXACT IP address information on each of the interfaces on the device in
> front of the ISA firewall
> EXACT configuration of the Web Publishing Rule
>
> Thanks!
>
> Tom
> www.isaserver.org/shinder
> Tom and Deb Shinder's Configuring ISA Server 2004
> http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
>
>
>
>
> -----Original Message-----
> From: Marvin Cummings [mailto:MarvinC@xxxxxxxxx]
> Sent: Friday, October 22, 2004 3:35 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] The kerberos subsystem encountered a PAC verification
> failure...ISA2K & W2k3...
>
> http://www.ISAserver.org
>
> Anyone come across the following errors in their event log:
>
> Event ID: 5719
> This computer was not able to set up a secure session with a domain
> controller in domain mydomain due to the following:
> There are currently no logon servers available to service the logon
> request.
> This may lead to authentication problems. Make sure that this computer
> is connected to the network. If the problem persists, please contact
> your domain administrator.
>
> ADDITIONAL INFO
> If this computer is a domain controller for the specified domain, it
> sets up the secure session to the primary domain controller emulator
> in the specified domain. Otherwise, this computer sets up the secure
> session to any domain controller in the specified domain.
>
> Event ID: 7
> The kerberos subsystem encountered a PAC verification failure. This
> indicates that the PAC from the client nuisasrvr$ in realm
> my.domain.com had a PAC which failed to verify or was modified.
> Contact your system administrator.
>
> This ISA server computer isn't a domain controller and I can access
> the domain controller fine. The ISA server passes a netdiag fine so
> I'm kinda lost on where to check next.
>
> Any responses are appreciated.
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx
>
>
> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> marvinc@xxxxxxxxx
> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
Other related posts:
