RE: that old 12202 forbidden chessnut
- From: Clayton Doige <clayton.doige@xxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 23 Dec 2005 13:52:56 +0000
Cool, thanks, I will compare what is in the article to what I have done.
Merry Christams
Clayton
On 12/22/05, Thomas W Shinder <tshinder@xxxxxxxxxxx> wrote:
>
> http://www.ISAserver.org <http://www.isaserver.org/>
> http://www.isaserver.org/articles/2004pubowartm.html
>
> *
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> *
> *Book: **http://tinyurl.com/3xqb7* <http://tinyurl.com/3xqb7>
> *MVP -- ISA Firewalls
> ****Who is John Galt?*****
>
> ------------------------------
> *From:* Doige, Clayton [mailto:clayton.doige@xxxxxxxxxxx]
> *Sent:* Thursday, December 22, 2005 9:54 AM
> *To:* [ISAserver.org Discussion List]
> *Subject:* [isalist] that old 12202 forbidden chessnut
>
>
> http://www.ISAserver.org <http://www.isaserver.org/>
>
> Some of you will recall a couple months back me having no success with
> this error at all.
>
>
>
> Now that things have been quiet around here this week, I have had a chance
> to revisit things.
>
>
>
> I uninstalled the original certificate authority I had created here, and
> reinstalled one for cme-net.com. I again have gone through Liran Zamir's
> Step By Step Publishing Article for publishing W2K3 OWA over ISA 2K4 using
> Forms Based Authentication.
>
>
>
> The name on the certificate is registered in DNS, and I can ping that name
> and have it resolve to the correct IP Address from an external computer. I
> have added this name to the ISA Server's host file with the internal 10
> range address.
>
>
>
> When I go to the website, I am prompted to verify I want to proceed with
> the untrusted certificate, which I do, and the OWA Form opens on the page,
> I then put in my username and password (username being domain\user format)
> and the 403 Forbidden pops up.
>
>
>
> Interestingly enough, when I had this error before nothing showed up in
> the Logs of the ISA Server, however now, it comes up with a denied packet
> associated with port 443, https, with the username I am putting in being
> referenced.
>
>
>
> Is there some other rule that I need to create here?
>
>
>
> Lastly, when I browse to the OWA site from the ISA Server itself, before
> the certificate prompt comes up, a security warning is displayed stating
> that certificate revocation information for the previous certificate is
> unavailable do I wish to continue. I am guessing this is due to the old cert
> with that internal reference being still hanging around in IE somewhere, but
> will that be contributing to the 12202 issue from the public side?
>
>
>
> Any help will be greatly appreciated, tomorrow being the last day for me
> here this year, I would like to finish off on a positive.
>
>
>
>
>
> *Clayton Doige*
>
> IT Project Manager
>
> *C**ME Development Corporation*
>
> T: 020 7430 5355
>
> M: 07932 653787
>
> E:clayton.doige@xxxxxxxxxxx
>
> W:www.cetv-net.com
>
>
>
> ______________________________________________________________________
> This electronic mail message and any attached files contain information
> intended for the exclusive use of the person to whom it is addressed and may
> contain information that is proprietary, privileged, confidential and/or
> exempt from disclosure under applicable law. If you are not the intended
> recipient, you are hereby notified that any viewing, copying, disclosure or
> distribution of this information may be subject to legal restriction or
> sanction. If you are not an addressee, please notify the sender immediately
> by electronic mail and delete the original message without making any
> copies.
> _____________________________________________________________________
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> clayton.doige@xxxxxxxxx
> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
--
Regards,
Clayton
clayton@xxxxxxxxxxxx
http://alsipius.com
Other related posts:
