Re: page not found at first time starting IE on XP with ISA
- From: "Brajesh Ranjan Panda" <brajesh@xxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 29 Mar 2004 11:55:11 +0530
Hi Sebastian,
Can u describe the article in English, I won't be able to understand that
due to different language.....Pls give some time...
Thanks in Advance
Regards
Brajesh Ranjan Panda
----- Original Message -----
From: "Sebastian van Dijk" <sebastian@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, March 24, 2004 2:03 PM
Subject: [isalist] Re: page not found at first time starting IE on XP with
ISA
> http://www.ISAserver.org
>
> Hi Jim
>
> I started the post on another newsgroup too...
> There is a hotfix for IE !!
>
> The topic is in dutch but the KB articles from microsoft can be found
there
> http://gathering.tweakers.net/forum/list_messages/891858
>
> Regards,
>
> Sebastian
>
>
>
> -----Oorspronkelijk bericht-----
> Van: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> Verzonden: dinsdag 23 maart 2004 16:44
> Aan: [ISAserver.org Discussion List]
> Onderwerp: [isalist] Re: page not found at first time starting IE on XP
> with ISA
>
>
> http://www.ISAserver.org
>
> Two or more "407" responses are expected as part of the negotiations, as
you stated. This is just the way authentication works.
> If IE was ignoring the proxy settings, you would not see those requests in
the web proxy log, since IE would be trying to make a
> direct, not proxy request to TCP-80.
> Is ISA listening set to support automatic discovery?
>
> Installing the FW client won't help here.
>
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://www.microsoft.com/isaserver
> http://isaserver.org/Jim_Harrison
> http://isatools.org
>
> Read the help, books and articles!
> ----- Original Message -----
> From: "Sebastian van Dijk" <sebastian@xxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Tuesday, March 23, 2004 07:31
> Subject: [isalist] Re: page not found at first time starting IE on XP with
ISA
>
>
> http://www.ISAserver.org
>
> Hi Jim
>
> Well, i've taken a look at some settings.
> Proxy settings in IE are manually set to the server at port 8080.
> No automatic configuration or URL.
> ISA uses the same listener for outgoing webrequests on port 8080
> ISA is using integrated authentication and is asking anonymous users for
authentication.
>
> No strange things in the firewall log BUT in the webproxy log i found the
following :
>
> I see an anonymous user trying to open a page ..for example google.com.
(probably because of a default gateway set at the client)
> Then it gets a 407 page
> And a line below i see the user open the page.
>
> This happens alot !
>
> So probably the problem is located in the proxy negotiation in IE.
> Like it first bypasses the proxy setting in IE and then tries the
credentials and settings.....
>
> I even tried to install the proxy client...that gave the same results
>
> Thanks in advance
>
> Sebastian
>
>
>
>
> -----Oorspronkelijk bericht-----
> Van: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> Verzonden: dinsdag 23 maart 2004 15:06
> Aan: [ISAserver.org Discussion List]
> Onderwerp: [isalist] Re: page not found at first time starting IE on XP
> with ISA
>
>
> http://www.ISAserver.org
>
> Hi Sebastian,
>
> Lots of supposition, there.
> Have you reviewed the ISA web proxy log to see what was being denied?
> Do you get the same behavior for the clients on both networks?
> Exactly what are the IE settings:
> - Automatic detection
> - detection URL
> - manual entry
> ?
> As far as what suthentication is being used, it depends on what auth
options you've selected in the outbound web request listener.
> What selections have you made there, and are they identical on both ISA
servers?
>
> Add "Rule#1" and "Rule#2" to the web proxy and firewall logs to get some
useful information.
>
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/Jim_Harrison/
> http://isatools.org
> Read the help / books / articles!
>
>
> On Tue, 23 Mar 2004 14:44:32 +0100
> "Sebastian van Dijk" <sebastian@xxxxxxxxxxxx> wrote:
> http://www.ISAserver.org
>
> We have the following problem at 2 customer sites at the moment ;
>
> Situation 1 : Microsoft SBS 2003 + ISA + windows XP clients
> Situation 2 : MS win 2000 server + ISA + windows XP clients
>
> In both situations the servers have 2 NIC's,1 LAN and 1 to a Cisco DSL
connection.
> Regarding we have 2 different server Operating Systems i guess the problem
is in the combination of ISA and Windows XP.
>
> The XP clients do not have the firewall client installed, only the proxy
settings in Internet Explorer are configured
>
> Now the following problem :
> When people logon to their system and start internet explorer they always
get 'page not found' error.
> After refreshing the page or by retyping the url the internet connection
just works as the homepage does.
> The users all have access to http(s) in ISA
>
> For now what I have heard the following would cause this effect :
> If Explorer is started, the first authentication is done by the XP system.
> And because the XP systems are not explicitly allowed in ISA they will get
an access denied.
>
> 403 Forbidden - The ISA Server denies the specified Uniform Resource
Locator (URL). (12202)
>
> When typing in the url for the page again or by refreshing the user
authentication would be used, so access is granted.
>
> All Windows XP systems are up to date with the latest fixes by SUS and
they are using Internet Explorer 6.
>
> Has anyone seen this problem before ? Can someone confirm or reject the
statement above ?
>
> Or is there a solution for this problem ?
>
>
> Met vriendelijke groet,
>
>
>
>
> Sebastian van Dijk
>
>
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
s.vandijk@xxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
s.vandijk@xxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
brajesh@xxxxxxxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
Other related posts:
