RE: OWA 2003 ISA 2004 configuration question

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 26 Aug 2005 04:59:12 -0500

Also, WHY of WHY isn't the ISA firewall a domain member?
 
Tom
www.isaserver.org
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
MVP -- ISA Firewalls

 


________________________________

        From: Doige, Clayton [mailto:clayton.doige@xxxxxxxxxxx] 
        Sent: Friday, August 26, 2005 4:53 AM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] OWA 2003 ISA 2004 configuration question
        
        
        http://www.ISAserver.org
        

        Hi there. I have set up ISA and OWA in the following config,
which gets as far as the login page, but does not actually log into OWA
successfully.

         

        I followed the steps in Liran Zamir's Step by Step of Publishing
OWA using Forms based authentication. Server details as follows:

         

        Exchange Server is stand alone CA in W2K3 AD Domain, but is not
a DC

        ISA Server is a dual homed stand alone workstation (1 nic > DMZ
of perimeter firewall, 1 nic to internal network)

         

        With this configuration, I was able to get the certificate on
the website, import it into ISA Server, and get as far as the Login
Page, but no further.

         

        As the ISA Server is not a domain member, I installed IAS on the
Exchange Server, and registered it with Active Directory, and configured
the OWA listener to authenticate to the RADIUS. I set up a RADIUS client
for the ISA, left things pretty much default on the RADIUS Server
properties. I also set rules on the ISA to allow 1812-1813, and
1645-1646 to flow between the RADIUS and ISA Servers.

         

        In system32\logfiles I can see that the RADIUS Server is logging
the following each time I submit my username and password: (<> replaces
actual logged data), but no other information about failure, success
what have you is logged.

         

        <IP ADDRESS>,<MY_USER_NAME>,08/26/2005,10:15:25,IAS,<RADIUS
SERVER>,25,311 1 <IP ADDRESS ON RADIUS SERVER> 08/25/2005 16:21:47
11,4130,<LDAP PATH TO MY USER ACCOUNT>,4149,Connections to other access
servers,4127,1,4108,10.0.0.253,4116,0,4128,<ISA SERVER>,4155,1,4154,Use
Windows authentication for all users,4129,<MY_USER_NAME>,4136,3,4142,65

         

        My guess on this is that either I have IAS misconfigured, or IAS
can't pass authentication through to the ISA, but am not sure. If anyone
has any thoughts or suggestions it would be greatly appreciated.

         

        Regards

         

        Clayton Doige

        IT Project Manager

        CME Development Corporation

        T: 020 7430 5355

        M: 07932 653787

        E:clayton.doige@xxxxxxxxxxx

        W:www.cetv-net.com

         

        ------------------------------------------------------
        List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
        ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Visit TechGenix.com for more information about our other sites:
        http://www.techgenix.com
        ------------------------------------------------------
        You are currently subscribed to this ISAserver.org Discussion
List as: tshinder@xxxxxxxxxxxxxxxxxx
        To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        Report abuse to listadmin@xxxxxxxxxxxxx 

Other related posts: