Oh no! Not another VPN problem!
- From: "Rui Silva" <rui.silva@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 11 Jul 2003 16:02:05 +0100
Yes, it's true (I'm beginning to think that ISA and VPN don't play
well...).
So, imagine this scenario:
ISA SERVER
----------
-SP1
-Integrated mode
-PPTP through ISA firewall allowed
-Site and Content Rule that requires authentications for all
destinations
-The Web Proxy is not configured to ask for authentication
CLIENTS
-------
-Simultaneously SecureNAT/Firewall/Web Proxy
-IE 6.0 SP1
Everything works well when clients are browsing the net, BUT... When a
client makes a VPN connection, he (she) is still able to make Terminal
Services connections to the outside, do DNS resolutions, etc (the
protocol rules are OK, so I think there's nothing wrong with the
Firewall Service). The problem is that browsing with IE is no longer
allowed. The ISA Server comes up with this message:
The page cannot be displayed
[...]
403 Forbidden - The ISA Server denies the specified Uniform Resource
Locator (URL). (12202)
Internet Security and Acceleration Server
I already tried to look at the logs and I can't see anything wrong. I
even used a network sniffer, but with no results.
What is going wrong here?
Txs.
Other related posts:
