[isalist] Re: RPC over HTTP (Almost there...)

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: <isalist@xxxxxxxxxxxxx>
  • Date: Sun, 25 Jun 2006 09:06:08 -0500

Hi Tom,
 
OK, 
 
1. What is the ACTUAL common/subject name on the Web site certificate bound to the Web listener?
 
2. What is the ACTUAL common/subject name on the Exchange Web site?
 
3. What is the ACTUAL name on the Public Name tab?
 
4. What is the ACTUAL name on the To tab?
 
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/> 
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

 


________________________________

        From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Tom Rogers
        Sent: Sunday, June 25, 2006 12:32 AM
        To: isalist@xxxxxxxxxxxxx
        Subject: RE: [isalist] RPC over HTTP (Almost there...)
        
        
        I ran a filter on the ISA monitoring for the OWA rule. This is
what happens when I tried to authenticate 3 times...
         
        Original Client IP Client Agent Authenticated Client Service
Server Name Referring Server Destination Host Name Transport MIME Type
Object Source Source Proxy Destination Proxy Bidirectional Client Host
Name Filter Information Network Interface Raw IP Header Raw Payload
Source Port Processing Time Bytes Sent Bytes Received Result Code HTTP
Status Code Cache Information Error Information Log Record Type Log Time
Destination IP Destination Port Protocol Action Rule Client IP Client
Username Source Network Destination Network HTTP Method URL
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP
text/html Internet - -  - Compression: client=No, server=No, cache=No,
compress rate=0% decompress rate=0% - - - 0 312 0 326  10054  0x4000008
0xc02 Web Proxy Filter 06/25/2006 1:21:46 AM 192.168.1.5 443 https
Failed Connection Attempt companyname OWA 74.67.214.74 anonymous
External  RPC_IN_DATA
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP
text/html Internet - -  - Compression: client=No, server=No, cache=No,
compress rate=0% decompress rate=0% - - - 0 1 1933 306  401  0x44000008
0xc00 Web Proxy Filter 06/25/2006 1:21:49 AM 192.168.1.5 443 https
Allowed Connection companyname OWA 74.67.214.74 anonymous External
RPC_IN_DATA
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP
text/html Internet - -  - Compression: client=No, server=No, cache=No,
compress rate=0% decompress rate=0% - - - 0 1 1933 307  401  0x44000008
0xc00 Web Proxy Filter 06/25/2006 1:21:49 AM 192.168.1.5 443 https
Allowed Connection companyname OWA 74.67.214.74 anonymous External
RPC_OUT_DATA
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP
text/html Internet - -  - Compression: client=No, server=No, cache=No,
compress rate=0% decompress rate=0% - - - 0 15 1933 306  401  0x44000008
0xc00 Web Proxy Filter 06/25/2006 1:21:52 AM 192.168.1.5 443 https
Allowed Connection companyname OWA 74.67.214.74 anonymous External
RPC_IN_DATA
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP
text/html Internet - -  - Compression: client=No, server=No, cache=No,
compress rate=0% decompress rate=0% - - - 0 1 0 307  10054  0x4000008
0xc02 Web Proxy Filter 06/25/2006 1:21:52 AM 192.168.1.5 443 https
Failed Connection Attempt companyname OWA 74.67.214.74 anonymous
External  RPC_OUT_DATA
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP
text/html Internet - -  - Compression: client=No, server=No, cache=No,
compress rate=0% decompress rate=0% - - - 0 1 1933 306  401  0x44000008
0xc00 Web Proxy Filter 06/25/2006 1:22:00 AM 192.168.1.5 443 https
Allowed Connection companyname OWA 74.67.214.74 anonymous External
RPC_IN_DATA
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP
text/html Internet - -  - Compression: client=No, server=No, cache=No,
compress rate=0% decompress rate=0% - - - 0 1 1933 307  401  0x44000008
0xc00 Web Proxy Filter 06/25/2006 1:22:00 AM 192.168.1.5 443 https
Allowed Connection companyname OWA 74.67.214.74 anonymous External
RPC_OUT_DATA
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP
text/html Internet - -  - Compression: client=No, server=No, cache=No,
compress rate=0% decompress rate=0% - - - 0 1 1933 306  401  0x44000008
0xc00 Web Proxy Filter 06/25/2006 1:22:03 AM 192.168.1.5 443 https
Allowed Connection companyname OWA 74.67.214.74 anonymous External
RPC_IN_DATA
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP
text/html Internet - -  - Compression: client=No, server=No, cache=No,
compress rate=0% decompress rate=0% - - - 0 156 1933 327  401
0x44000008 0xc00 Web Proxy Filter 06/25/2006 1:21:46 AM 192.168.1.5 443
https Allowed Connection companyname OWA 74.67.214.74 anonymous External
RPC_OUT_DATA
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP
text/html Internet - -  - Compression: client=No, server=No, cache=No,
compress rate=0% decompress rate=0% - - - 0 1 0 307  10054  0x4000008
0xc02 Web Proxy Filter 06/25/2006 1:22:03 AM 192.168.1.5 443 https
Failed Connection Attempt companyname OWA 74.67.214.74 anonymous
External  RPC_OUT_DATA
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002
        
        -TRogers

         
________________________________

        From: isalist-bounce@xxxxxxxxxxxxx on behalf of Jim Harrison
        Sent: Sat 6/24/2006 9:04 PM
        To: isalist@xxxxxxxxxxxxx
        Subject: RE: [isalist] RPC over HTTP (Almost there...)
        
        
        Don't
        Do 
        It
        <period>
        It's a disaster waiting to happen.
         
        What's in the ISA logs for those attempts?
        What's in the IIS logs for those attempts?
        How did you create the OWA pub rule; manually or via the Exch
publishing weirdzard?
         
        BTW, I reviewed the case logs and spoke with the engineer you
worked with.
        At no time was there any mention of making your Exch server a
DC/GC.

________________________________

        From: isalist-bounce@xxxxxxxxxxxxx on behalf of Tom Rogers
        Sent: Sat 6/24/2006 5:29 PM
        To: isalist@xxxxxxxxxxxxx
        Subject: [isalist] RPC over HTTP (Almost there...)
        
        
        I think I am so close to having this work that I can taste
it....anyway, my Outlook 2003 SP2 client (on Win XP Pro SP2) keeps
asking for user credentials - I can type them in a hundred times (not
that I did), but it keeps asking for my login credentials.
         
        My RPC Proxy is set for ONLY Basic Authentication also. Any
ideas? Everything is set up according to all the docs you all have sent
me. The only thing that I have not tried yet, is to make my Exch box a
DC/GC. That is next if no solution now.
         
        And I know you all said this is a BAD idea (Exch box as DC/DC),
but I have seen documentation from Microsoft AND Tom Shinder's
documentation (his lab example - although he does point out it is not
recommended).
         
        TIA,
         
        -TRogers
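
Added example, not part of any post in this thread: a small Python parser for the hard-wrapped ISA Web Proxy log entries pasted earlier in the thread, which re-joins each entry and tallies HTTP method against status so the repeated 401 responses and the logged username stand out. The field order is an assumption taken from the column header in that post, and the sample entries are trimmed copies of three of the pasted records.

```python
import re
from collections import Counter

# Tails of three entries from the log pasted in the thread, trimmed to the
# fields from the status column onward; entries are separated by blank lines.
SAMPLE = """
10054 0x4000008 0xc02 Web Proxy Filter 06/25/2006 1:21:46 AM 192.168.1.5 443 https
Failed Connection Attempt companyname OWA 74.67.214.74 anonymous External RPC_IN_DATA
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002

401 0x44000008 0xc00 Web Proxy Filter 06/25/2006 1:21:49 AM 192.168.1.5 443 https
Allowed Connection companyname OWA 74.67.214.74 anonymous External RPC_IN_DATA
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002

401 0x44000008 0xc00 Web Proxy Filter 06/25/2006 1:21:49 AM 192.168.1.5 443 https
Allowed Connection companyname OWA 74.67.214.74 anonymous External RPC_OUT_DATA
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002
"""

# Assumed field order (from the column header in the post): status, two hex
# fields, filter, log time, destination IP and port, protocol, action, rule,
# client IP, client username, source network, HTTP method, URL.
ENTRY = re.compile(
    r"(?P<status>\d+) 0x[0-9a-f]+ 0x[0-9a-f]+ Web Proxy Filter "
    r"(?P<time>\S+ \S+ [AP]M) (?P<dest>\S+) (?P<port>\d+) \S+ "
    r"(?P<action>Allowed Connection|Failed Connection Attempt) (?P<rule>.+?) "
    r"(?P<client>\d+\.\d+\.\d+\.\d+) (?P<user>\S+) \S+ "
    r"(?P<method>RPC_(?:IN|OUT)_DATA) (?P<url>\S+)"
)

def parse_entries(text):
    """Re-join hard-wrapped entries and return one dict per log record."""
    entries = []
    for chunk in re.split(r"\n\s*\n", text.strip()):
        m = ENTRY.search(" ".join(chunk.split()))  # collapse line wraps
        if m:
            entries.append(m.groupdict())
    return entries

def summarize(entries):
    """Count (method, status) pairs and collect the usernames ISA logged."""
    pairs = Counter((e["method"], e["status"]) for e in entries)
    return pairs, {e["user"] for e in entries}

if __name__ == "__main__":
    pairs, users = summarize(parse_entries(SAMPLE))
    for (method, status), n in sorted(pairs.items()):
        print(f"{method:13} status={status:6} x{n}")
    print("usernames logged:", ", ".join(sorted(users)))
```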
         
