Indeed it is....that's in your internal subnet range, going with what's below -----Original Message----- From: Marvin Cummings [mailto:MarvinC@xxxxxxxxx] Sent: Friday, October 22, 2004 11:35 AM To: ISA Mailing List Subject: [isalist] RE: The kerberos subsystem encountered a PAC verification failure...ISA2K & W2k3... http://www.ISAserver.org Correct. The site's accesible externally and internally nwo that I've added it to my host file. My settings are listed as follows: Back to Split-DNS Internal IP: 192.168.1.8 External IP: 192.168.1.2 Router IP: 192.168.1.1 LAT: 192.168.1.0 - 192.168.1.255 Web Listener Config: IP: 192.168.1.2 TCP Port: 80 SSL port: 443 Enable SSL Listeners box checked Web Listener Properties Sheet: Server: ISA server IP Address: 192.168.1.2 - Maybe this is the problem???? Use a server certificate to authenticate to web clients - box unchecked Authentication: Basic with this domain - box unchecked Integrated box checked thnks On Fri, 22 Oct 2004 05:09:49 -0500, Thomas W Shinder <tshinder@xxxxxxxxxxx> wrote: > http://www.ISAserver.org > > Hi Marvin, > > I thought the other day we demonstrated that your site actually did > work. We were presented with a certificate and a log on dialog box. > Can't say what would have happened after that, though. > > What is the: > > EXACT IP address information on each of the ISA firewall's interfaces > EXACT IP address information on each of the interfaces on the device > in front of the ISA firewall EXACT configuration of the Web Publishing > Rule > > Thanks! > > Tom > www.isaserver.org/shinder > Tom and Deb Shinder's Configuring ISA Server 2004 > http://tinyurl.com/3xqb7 > MVP -- ISA Firewalls > > > > > -----Original Message----- > From: Marvin Cummings [mailto:MarvinC@xxxxxxxxx] > Sent: Friday, October 22, 2004 3:35 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] The kerberos subsystem encountered a PAC > verification failure...ISA2K & W2k3... > > http://www.ISAserver.org > > Anyone come across the following errors in their event log: > > Event ID: 5719 > This computer was not able to set up a secure session with a domain > controller in domain mydomain due to the following: > There are currently no logon servers available to service the logon > request. > This may lead to authentication problems. Make sure that this computer > is connected to the network. If the problem persists, please contact > your domain administrator. > > ADDITIONAL INFO > If this computer is a domain controller for the specified domain, it > sets up the secure session to the primary domain controller emulator > in the specified domain. Otherwise, this computer sets up the secure > session to any domain controller in the specified domain. > > Event ID: 7 > The kerberos subsystem encountered a PAC verification failure. This > indicates that the PAC from the client nuisasrvr$ in realm > my.domain.com had a PAC which failed to verify or was modified. > Contact your system administrator. > > This ISA server computer isn't a domain controller and I can access > the domain controller fine. The ISA server passes a netdiag fine so > I'm kinda lost on where to check next. > > Any responses are appreciated. > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com Leading > Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org Windows > Security Resource Site: http://www.windowsecurity.com/ Network > Security Library: http://www.secinf.net/ Windows 2000/NT Fax > Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > tshinder@xxxxxxxxxxxxxxxxxx > > > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com Leading > Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org Windows > Security Resource Site: http://www.windowsecurity.com/ Network > Security Library: http://www.secinf.net/ Windows 2000/NT Fax > Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > marvinc@xxxxxxxxx To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: steve@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx This E-Mail is confidential. It is not intended to be read, copied, disclosed or used by any person other than the recipient named above. Unauthorised use, disclosure, or copying is strictly prohibited and may be unlawful. Optimum IT Solutions Ltd disclaims any liability for any action taken in connection of this E-Mail. The comments or statements expressed in this E-Mail are not necessarily those of Optimum IT Solutions Ltd or its subsidiaries or affiliates. administrator@xxxxxxxxxx