Cool, thanks, I will compare what is in the article to what I have done. Merry Christams Clayton On 12/22/05, Thomas W Shinder <tshinder@xxxxxxxxxxx> wrote: > > http://www.ISAserver.org <http://www.isaserver.org/> > http://www.isaserver.org/articles/2004pubowartm.html > > * > > Thomas W Shinder, M.D. > Site: www.isaserver.org > Blog: http://spaces.msn.com/members/drisa/ > * > *Book: **http://tinyurl.com/3xqb7* <http://tinyurl.com/3xqb7> > *MVP -- ISA Firewalls > ****Who is John Galt?***** > > ------------------------------ > *From:* Doige, Clayton [mailto:clayton.doige@xxxxxxxxxxx] > *Sent:* Thursday, December 22, 2005 9:54 AM > *To:* [ISAserver.org Discussion List] > *Subject:* [isalist] that old 12202 forbidden chessnut > > > http://www.ISAserver.org <http://www.isaserver.org/> > > Some of you will recall a couple months back me having no success with > this error at all. > > > > Now that things have been quiet around here this week, I have had a chance > to revisit things. > > > > I uninstalled the original certificate authority I had created here, and > reinstalled one for cme-net.com. I again have gone through Liran Zamir's > Step By Step Publishing Article for publishing W2K3 OWA over ISA 2K4 using > Forms Based Authentication. > > > > The name on the certificate is registered in DNS, and I can ping that name > and have it resolve to the correct IP Address from an external computer. I > have added this name to the ISA Server's host file with the internal 10 > range address. > > > > When I go to the website, I am prompted to verify I want to proceed with > the untrusted certificate, which I do, and the OWA Form opens on the page, > I then put in my username and password (username being domain\user format) > and the 403 Forbidden pops up. > > > > Interestingly enough, when I had this error before nothing showed up in > the Logs of the ISA Server, however now, it comes up with a denied packet > associated with port 443, https, with the username I am putting in being > referenced. > > > > Is there some other rule that I need to create here? > > > > Lastly, when I browse to the OWA site from the ISA Server itself, before > the certificate prompt comes up, a security warning is displayed stating > that certificate revocation information for the previous certificate is > unavailable do I wish to continue. I am guessing this is due to the old cert > with that internal reference being still hanging around in IE somewhere, but > will that be contributing to the 12202 issue from the public side? > > > > Any help will be greatly appreciated, tomorrow being the last day for me > here this year, I would like to finish off on a positive. > > > > > > *Clayton Doige* > > IT Project Manager > > *C**ME Development Corporation* > > T: 020 7430 5355 > > M: 07932 653787 > > E:clayton.doige@xxxxxxxxxxx > > W:www.cetv-net.com > > > > ______________________________________________________________________ > This electronic mail message and any attached files contain information > intended for the exclusive use of the person to whom it is addressed and may > contain information that is proprietary, privileged, confidential and/or > exempt from disclosure under applicable law. If you are not the intended > recipient, you are hereby notified that any viewing, copying, disclosure or > distribution of this information may be subject to legal restriction or > sanction. If you are not an addressee, please notify the sender immediately > by electronic mail and delete the original message without making any > copies. > _____________________________________________________________________ > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > clayton.doige@xxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > -- Regards, Clayton clayton@xxxxxxxxxxxx http://alsipius.com