ISA to ISA Authentication conundrums
- From: Tom <tom@xxxxxxxxxxxxx>
- To: isalist@xxxxxxxxxxxxx
- Date: Thu, 11 Apr 2002 08:32:40 +0100
The plot thickens: Here is the config:
From my desktop via ISA via Checkpoint on to the internet to a remote ISA
publishing 4 separate OWA, several IIS5 web servers requiring
authentication.
I have two XP machines.
1) They can both access everything when I untick to use the internal ISA in
IE6 and go via the Checkpoint - cool!
2) If I tick to go via the proxy, access to anonymous pages works just
fine - from both machines. Here is when is gets weird: From the desktop,
as soon as I try and access something requiring credentials, it fails
without prompting me and says For IIS5 web folders 'access denied due to ACL
on resource', for OWA is just says 'Access Denied' top left (doesn't look
like a IIS error page)
From the laptop going through the same proxy, accessing the same sites,
using the same credentials - I get prompted and can access the resource !!!
Help!!!!
Tom.
http://www.ISAserver.org
Hi Tom,
The problem is that the Internal ISA Server needs to be be configured in
such a way that the ip packet reaching to the checkpoint firewall needs to
be allowed to go out and connect to the other isa server. make a policy in
such a way that the local isa server is configured for all ports(i.e., all
ports needs to be open) and then check out. else if this scenario is not
working then remove the isa server in your local network and then use it.
The main problem is the authentication of the packet coming from internal
network to the local isa server and then to the check point firewall.
Regards
Venkata Ramana
-----Original Message-----
From: Tom Soulsby [mailto:tom@xxxxxxxxxxxxx]
Sent: Wednesday, April 10, 2002 4:30 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] ISA to ISA Authentication conundrums
http://www.ISAserver.org
Hi guys,
Can anyone suggest the 'best' configuration for ISA to ISA authentication
?
Here is the issue:
From my desktop via ISA via Checkpoint on to the internet to a remote ISA
publishing OWA, doesn't work I get access denied ? Same for access
webfolders, anything that requires authentication. Access is via standard
HTTP.
Same path as above but remove ISA, it works just fine which suggest the
remote ISA/OWA is configured correctly.
Desktop via Checkpoint via Remote ISA to OWA/Etc. - Works OK!!
These issues only appear when it's ISA to ISA - any suggestions
appreciated.
Tom.
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
ramana_suggula@xxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
**************************************************************************
This email (including any attachments) is intended for the sole use of the
intended recipient/s and may contain material that is CONFIDENTIAL AND
PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or
distribution or forwarding of any or all of the contents in this message is
STRICTLY PROHIBITED. If you are not the intended recipient, please contact
the sender by email and delete all copies; your cooperation in this regard
is appreciated.
**************************************************************************
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tom@xxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts: