Ok, help me clear up something here: Does the Inbound web listener use the external or internal IP to listen for inbound requests? I thought it was the external. Placing the external on a different subnet doesn't require changes to be made to the router? Proceeding to change external IP. On Fri, 22 Oct 2004 11:47:20 -0300, Steve Moffat <steve@xxxxxxxxxx> wrote: > http://www.ISAserver.org > > External and internal need to be different subnets. > > > > -----Original Message----- > From: Marvin Cummings [mailto:MarvinC@xxxxxxxxx] > Sent: Friday, October 22, 2004 11:35 AM > To: ISA Mailing List > Subject: [isalist] RE: The kerberos subsystem encountered a PAC > verification failure...ISA2K & W2k3... > > http://www.ISAserver.org > > Correct. The site's accesible externally and internally nwo that I've > added it to my host file. My settings are listed as follows: > Back to Split-DNS > Internal IP: 192.168.1.8 > External IP: 192.168.1.2 > Router IP: 192.168.1.1 > LAT: 192.168.1.0 - 192.168.1.255 > Web Listener Config: > IP: 192.168.1.2 > TCP Port: 80 > SSL port: 443 > Enable SSL Listeners box checked > Web Listener Properties Sheet: > Server: ISA server > IP Address: 192.168.1.2 - Maybe this is the problem???? > Use a server certificate to authenticate to web clients - box > unchecked > Authentication: Basic with this domain - box unchecked > Integrated box checked > > thnks > > On Fri, 22 Oct 2004 05:09:49 -0500, Thomas W Shinder > <tshinder@xxxxxxxxxxx> wrote: > > http://www.ISAserver.org > > > > Hi Marvin, > > > > I thought the other day we demonstrated that your site actually did > > work. We were presented with a certificate and a log on dialog box. > > Can't say what would have happened after that, though. > > > > What is the: > > > > EXACT IP address information on each of the ISA firewall's interfaces > > EXACT IP address information on each of the interfaces on the device > > in front of the ISA firewall EXACT configuration of the Web Publishing > > > Rule > > > > Thanks! > > > > Tom > > www.isaserver.org/shinder > > Tom and Deb Shinder's Configuring ISA Server 2004 > > http://tinyurl.com/3xqb7 > > MVP -- ISA Firewalls > > > > > > > > > > -----Original Message----- > > From: Marvin Cummings [mailto:MarvinC@xxxxxxxxx] > > Sent: Friday, October 22, 2004 3:35 AM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] The kerberos subsystem encountered a PAC > > verification failure...ISA2K & W2k3... > > > > http://www.ISAserver.org > > > > Anyone come across the following errors in their event log: > > > > Event ID: 5719 > > This computer was not able to set up a secure session with a domain > > controller in domain mydomain due to the following: > > There are currently no logon servers available to service the logon > > request. > > This may lead to authentication problems. Make sure that this computer > > > is connected to the network. If the problem persists, please contact > > your domain administrator. > > > > ADDITIONAL INFO > > If this computer is a domain controller for the specified domain, it > > sets up the secure session to the primary domain controller emulator > > in the specified domain. Otherwise, this computer sets up the secure > > session to any domain controller in the specified domain. > > > > Event ID: 7 > > The kerberos subsystem encountered a PAC verification failure. This > > indicates that the PAC from the client nuisasrvr$ in realm > > my.domain.com had a PAC which failed to verify or was modified. > > Contact your system administrator. > > > > This ISA server computer isn't a domain controller and I can access > > the domain controller fine. The ISA server passes a netdiag fine so > > I'm kinda lost on where to check next. > > > > Any responses are appreciated. > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Other Internet Software Marketing Sites: > > World of Windows Networking: http://www.windowsnetworking.com Leading > > Network Software Directory: http://www.serverfiles.com > > No.1 Exchange Server Resource Site: http://www.msexchange.org Windows > > Security Resource Site: http://www.windowsecurity.com/ Network > > Security Library: http://www.secinf.net/ Windows 2000/NT Fax > > Solutions: http://www.ntfaxfaq.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List as: > > tshinder@xxxxxxxxxxxxxxxxxx > > > > > > To unsubscribe visit > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Other Internet Software Marketing Sites: > > World of Windows Networking: http://www.windowsnetworking.com Leading > > Network Software Directory: http://www.serverfiles.com > > No.1 Exchange Server Resource Site: http://www.msexchange.org Windows > > Security Resource Site: http://www.windowsecurity.com/ Network > > Security Library: http://www.secinf.net/ Windows 2000/NT Fax > > Solutions: http://www.ntfaxfaq.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List as: > > > marvinc@xxxxxxxxx To unsubscribe visit > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com Leading > Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org Windows > Security Resource Site: http://www.windowsecurity.com/ Network Security > Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: > http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > steve@xxxxxxxxxx To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > This E-Mail is confidential. It is not intended to be read, copied, disclosed > or used by any person other than the recipient named above. > > Unauthorised use, disclosure, or copying is strictly prohibited and may be > unlawful. Optimum IT Solutions Ltd disclaims any liability for any action > taken in connection of this E-Mail. The comments or statements expressed in > this E-Mail are not necessarily those of Optimum IT Solutions Ltd or its > subsidiaries or affiliates. > > administrator@xxxxxxxxxx > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > marvinc@xxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx >