Ooohkey, then. *8^) Back to the redirect you provided... The error being received was a 12202 error. Since there wasn't a 12202.htm file in the ErrorHtmls directory, I created a new file called such, put the redirect in, updated the URL to point to where I wanted it to go and then restarted the firewall service. I'm still getting that 12202 error and the web proxy filter is throwing it. *8^( Ideas? Cordially yours, Jerry G. Young II MCSE (4.0/W2K) Atlanta EES Implementation Team Lead HHS Engineering Unisys 11493 Sunset Hills Rd. Reston, VA 20190 Office: 703-579-2727 Cell: 703-625-1468 THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Thursday, January 19, 2006 1:27 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: OWA HTTPS [Enterprise] Default rule Denial http://www.ISAserver.org ISA 2004 doesn't have a web proxy service; it's an application filter in the firewall service. Thus, if you feel the need to cycle the web proxy, you have to cycle the firewall service. ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: Young, Gerald G [mailto:Gerald.Young@xxxxxxxxxx] Sent: Thursday, January 19, 2006 10:21 To: [ISAserver.org Discussion List] Subject: [isalist] RE: OWA HTTPS [Enterprise] Default rule Denial http://www.ISAserver.org Thanks, Jim. Silly question, though. How do you restart the Web Proxy service when it doesn't display in the Services tab of the Monitoring node? I don't even see W3Proxy.exe running as a process, although I do see a W3Prefch.exe process (that related?). Cordially yours, Jerry G. Young II MCSE (4.0/W2K) Atlanta EES Implementation Team Lead HHS Engineering Unisys 11493 Sunset Hills Rd. Reston, VA 20190 Office: 703-579-2727 Cell: 703-625-1468 THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Thursday, January 19, 2006 12:44 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: OWA HTTPS [Enterprise] Default rule Denial http://www.ISAserver.org That's my point - you shouldn't allow "/*". If you create rules using specific path limitations, don't test them using other (empty, IOW) paths unless you're trying to validate ISA blocking action (you did). If you're trying to support folks that forget to use /exchange in the URL, take a look at http://isatools.org/isa_redirects.zip ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: Young, Gerald G [mailto:Gerald.Young@xxxxxxxxxx] Sent: Thursday, January 19, 2006 09:30 To: [ISAserver.org Discussion List] Subject: [isalist] RE: OWA HTTPS [Enterprise] Default rule Denial http://www.ISAserver.org By default, when creating the rule using the wizard, the paths are set to just the following. I have not changed these. /exchange/* /exchweb/* /public/* Should I add "/"? In the past, when I've attempted to add "/*" ISA complains saying that that is the same as the others already specified. Cordially yours, Jerry G. Young II MCSE (4.0/W2K) Atlanta EES Implementation Team Lead HHS Engineering Unisys 11493 Sunset Hills Rd. Reston, VA 20190 Office: 703-579-2727 Cell: 703-625-1468 THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Thursday, January 19, 2006 12:23 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: OWA HTTPS [Enterprise] Default rule Denial http://www.ISAserver.org Does you rule include the "/" path? My $.02 says "no". My $M5 says it shouldn't, either. ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: Young, Gerald G [mailto:Gerald.Young@xxxxxxxxxx] Sent: Thursday, January 19, 2006 09:06 To: [ISAserver.org Discussion List] Subject: [isalist] OWA HTTPS [Enterprise] Default rule Denial http://www.ISAserver.org All, I'm having a problem with getting OWA working through ISA as expected. If I point the URL for OWA to https://domain.com/exchange <https://domain.com/exchange> , a connection is made and the OWA page displays. However, if I go to https://domain.com <https://domain.com> , I consistently get denied connections due to the [Enterprise] Default rule kicking in stating that the ISA server denied that URL. The URL field in the logged event shows up as http://domain.com <http://domain.com> instead of http://domain.com:443 <http://domain.com:443> . The same field when going to https://domain.com/exchange <https://domain.com/exchange> shows up in the logs as http://domain.com:443/exchange <http://domain.com:443/exchange> . Anyone know what's causing this behavior? Since this is being logged by the Web Proxy Filter, I'm guessing something related to that configuration but I'll be damned if I can figure it out. Cordially yours, Jerry G. Young II MCSE (4.0/W2K) Atlanta EES Implementation Team Lead HHS Engineering Unisys 11493 Sunset Hills Rd. Reston, VA 20190 Office: 703-579-2727 Cell: 703-625-1468 THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: gerald.young@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: gerald.young@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: gerald.young@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx