RE: OWA 2003 ISA 2004 configuration question
- From: "Troy Radtke" <TRadtke@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 26 Aug 2005 07:45:52 -0500
I believe he was asking if you have a specific reason why it is not a
domain member. Regulatory? Corporate? Department? Just because? Vender
recommendation?
-----Original Message-----
From: Doige, Clayton [mailto:clayton.doige@xxxxxxxxxxx]
Sent: Friday, August 26, 2005 5:20 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OWA 2003 ISA 2004 configuration question
http://www.ISAserver.org
So I take it that if I rip out the RADIUS set up, and join it to the
domain I will get things ticking over?
_____
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: 26 August 2005 10:59
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OWA 2003 ISA 2004 configuration question
http://www.ISAserver.org
Also, WHY of WHY isn't the ISA firewall a domain member?
Tom
www.isaserver.org
Tom and Deb Shinder's Configuring ISA Server 2004
<http://tinyurl.com/3xqb7> http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
_____
From: Doige, Clayton [mailto:clayton.doige@xxxxxxxxxxx]
Sent: Friday, August 26, 2005 4:53 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] OWA 2003 ISA 2004 configuration question
http://www.ISAserver.org
Hi there. I have set up ISA and OWA in the following config, which gets
as far as the login page, but does not actually log into OWA
successfully.
I followed the steps in Liran Zamir's Step by Step of Publishing OWA
using Forms based authentication. Server details as follows:
Exchange Server is stand alone CA in W2K3 AD Domain, but is not a DC
ISA Server is a dual homed stand alone workstation (1 nic > DMZ of
perimeter firewall, 1 nic to internal network)
With this configuration, I was able to get the certificate on the
website, import it into ISA Server, and get as far as the Login Page,
but no further.
As the ISA Server is not a domain member, I installed IAS on the
Exchange Server, and registered it with Active Directory, and configured
the OWA listener to authenticate to the RADIUS. I set up a RADIUS client
for the ISA, left things pretty much default on the RADIUS Server
properties. I also set rules on the ISA to allow 1812-1813, and
1645-1646 to flow between the RADIUS and ISA Servers.
In system32\logfiles I can see that the RADIUS Server is logging the
following each time I submit my username and password: (<> replaces
actual logged data), but no other information about failure, success
what have you is logged.
<IP ADDRESS>,<MY_USER_NAME>,08/26/2005,10:15:25,IAS,<RADIUS
SERVER>,25,311 1 <IP ADDRESS ON RADIUS SERVER> 08/25/2005 16:21:47
11,4130,<LDAP PATH TO MY USER ACCOUNT>,4149,Connections to other access
servers,4127,1,4108,10.0.0.253,4116,0,4128,<ISA SERVER>,4155,1,4154,Use
Windows authentication for all users,4129,<MY_USER_NAME>,4136,3,4142,65
My guess on this is that either I have IAS misconfigured, or IAS can't
pass authentication through to the ISA, but am not sure. If anyone has
any thoughts or suggestions it would be greatly appreciated.
Regards
Clayton Doige
IT Project Manager
CME Development Corporation
T: 020 7430 5355
M: 07932 653787
E:clayton.doige@xxxxxxxxxxx
W:www.cetv-net.com
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
clayton.doige@xxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tradtke@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
