RE: that old 12202 forbidden chessnut
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 22 Dec 2005 12:36:28 -0600
http://www.isaserver.org/articles/2004pubowartm.html
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
**Who is John Galt?**
________________________________
From: Doige, Clayton [mailto:clayton.doige@xxxxxxxxxxx]
Sent: Thursday, December 22, 2005 9:54 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] that old 12202 forbidden chessnut
http://www.ISAserver.org
Some of you will recall a couple months back me having no
success with this error at all.
Now that things have been quiet around here this week, I have
had a chance to revisit things.
I uninstalled the original certificate authority I had created
here, and reinstalled one for cme-net.com. I again have gone through
Liran Zamir's Step By Step Publishing Article for publishing W2K3 OWA
over ISA 2K4 using Forms Based Authentication.
The name on the certificate is registered in DNS, and I can ping
that name and have it resolve to the correct IP Address from an external
computer. I have added this name to the ISA Server's host file with the
internal 10 range address.
When I go to the website, I am prompted to verify I want to
proceed with the untrusted certificate, which I do, and the OWA Form
opens on the page, I then put in my username and password (username
being domain\user format) and the 403 Forbidden pops up.
Interestingly enough, when I had this error before nothing
showed up in the Logs of the ISA Server, however now, it comes up with a
denied packet associated with port 443, https, with the username I am
putting in being referenced.
Is there some other rule that I need to create here?
Lastly, when I browse to the OWA site from the ISA Server
itself, before the certificate prompt comes up, a security warning is
displayed stating that certificate revocation information for the
previous certificate is unavailable do I wish to continue. I am guessing
this is due to the old cert with that internal reference being still
hanging around in IE somewhere, but will that be contributing to the
12202 issue from the public side?
Any help will be greatly appreciated, tomorrow being the last
day for me here this year, I would like to finish off on a positive.
Clayton Doige
IT Project Manager
CME Development Corporation
T: 020 7430 5355
M: 07932 653787
E:clayton.doige@xxxxxxxxxxx
W:www.cetv-net.com
______________________________________________________________________
This electronic mail message and any attached files contain
information intended for the exclusive use of the person to whom it is
addressed and may contain information that is proprietary, privileged,
confidential and/or exempt from disclosure under applicable law. If you
are not the intended recipient, you are hereby notified that any
viewing, copying, disclosure or distribution of this information may be
subject to legal restriction or sanction. If you are not an addressee,
please notify the sender immediately by electronic mail and delete the
original message without making any copies.
_____________________________________________________________________
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
