[isapros] Re: Publishing Fedora-PHPticket System using ISA 2006 SE
- From: Jim Harrison <Jim@xxxxxxxxxxxx>
- To: "isapros@xxxxxxxxxxxxx" <isapros@xxxxxxxxxxxxx>
- Date: Sun, 20 Jul 2008 09:10:45 -0700
"also a KB " means that this behavior is also documented in a KB;
http://support.microsoft.com/kb/281985/.
This KB needs updating to include ISA 2004 & 2006, but the behavior itself
hasn't changed.
The way to validate policy changes is to make sure that your test client has no
sessions with ISA. Monitoring, Sessions will show any active sessions and you
can kill them there as well.
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Gene Sibbs
Sent: Friday, July 18, 2008 12:55 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Publishing Fedora-PHPticket System using ISA 2006 SE
Hi
My web listeners are as follows:
External Web Site - OWA (SSL) works ok - no problems at all.
External Web Site - TicketSupport (HTTP) - acting up on me.
1. you changed the wrong listener - not real, I changed the External Web Site -
TicketSupport (HTTP)
2. you didn't wait for ISA to sync with CSS (Ent Ed only) - running ISA Server
2006 SE
3. your test client still has an active session with ISA (policy changes don't
affect active sessions - also a KB) - I was RDP into ISA Server from another
client. I don't understand what do you meant by -"also a KB"?
Any Resolution to this?
--- On Fri, 7/18/08, Jim Harrison <Jim@xxxxxxxxxxxx> wrote:
From: Jim Harrison <Jim@xxxxxxxxxxxx>
Subject: [isapros] Re: Publishing Fedora-PHPticket System using ISA 2006 SE
To: "isapros@xxxxxxxxxxxxx" <isapros@xxxxxxxxxxxxx>
Date: Friday, July 18, 2008, 4:45 PM
"no joy" and "no luck" aren't anything to work from.
Have the symptoms changed?
If not, it's probable that:
1. you changed the wrong listener
2. you didn't wait for ISA to sync with CSS (Ent Ed only)
3. your test client still has an active session with ISA (policy changes don't
affect active sessions - also a KB)
Jim
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Gene Sibbs
Sent: Friday, July 18, 2008 3:13 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Publishing Fedora-PHPticket System using ISA 2006 SE
Still no joy.
Followed this link http://support.microsoft.com/kb/885186
Also, allowed authentication over HTTP in the advanced properties, but no luck.
Please help.
--- On Sun, 7/13/08, Jim Harrison <Jim@xxxxxxxxxxxx> wrote:
From: Jim Harrison <Jim@xxxxxxxxxxxx>
Subject: [isapros] Re: Publishing Fedora-PHPticket System using ISA 2006 SE
To: "isapros@xxxxxxxxxxxxx" <isapros@xxxxxxxxxxxxx>
Date: Sunday, July 13, 2008, 11:06 PM
Your new web site is requiring some form of authentication. By default, ISA
disallows authentication over unencrapted HTTP (as it should!).
You *can* allow authentication over HTTP in the advanced properties of the
listener "Authentication" context, but this is ill-advised except as a
*TEMPORARY* troubleshooting step.
Use an SSL listener for this connection and you should be fine.
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Gene Sibbs
Sent: Sunday, July 13, 2008 9:38 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Publishing Fedora-PHPticket System using ISA 2006 SE
Hi Steve,
owa is using SSL publishing already. I have tried to create a web publishing
rule that points to fc5 webserver, but it fails with this error msg from
outside:
"Error Code: 403 Forbidden. ISA Server is configured to block HTTP requests
that require authentication. (12250)."
Here is the steps followed:
ISA Server (Firewall Policy - Web Publishing Rule Wizard - Rule
Name:[TicketSystem] - Allow - Publish a single web site - use non-secured
connection...- internal site name[fc0-01.eslab.lan [on computer
name/ip:10.11.1.40] - path [/ticket] - public name:[ dy-oISA.dyndns.org] -
Select web listener: I created a new weblistener [WebSupport listener] - do not
require SSL secured connections with clients - check external NIC - basic - end
then NEXT all the way out.
Any missing link?
--- On Sun, 7/13/08, Steve Moffat <steve@xxxxxxxxxx> wrote:
From: Steve Moffat <steve@xxxxxxxxxx>
Subject: [isapros] Re: Publishing Fedora-PHPticket System using ISA 2006 SE
To: "ISAPros Mailing List" <isapros@xxxxxxxxxxxxx>
Date: Sunday, July 13, 2008, 6:27 PM
You need to create a web publishing rule that points to your webserver. If you
aren't already publishing owa securely, now is the time, otherwise you will
need to use a port other than 80 for your ticket system.
S
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Gene Sibbs
Sent: Sunday, July 13, 2008 11:58 AM
To: ISAPros Mailing List
Subject: [isapros] Publishing Fedora-PHPticket System using ISA 2006 SE
Hi
I am running a very small network at home, and I would like to publish an open
source ticket management system (http://sourceforge.net/projects/ticket/)
installed and running on fedora 5 server.
My Small infrastructure is configured as follows:
(Internet)
|
|
DSL (Router) --- 192.168.1.1
|
|
|
ISA 2006 (ExternalNIC) ---192.168.1.4
||----ISA 2006 (InternalNIC) ---10.11.1.250
|
[Switch]
|
|DC-Server (10.11.1.20) - Exch-Server(10.11.1.30) Fedora-PHPticket Server
(10.11.1.40)
On the ISA Server I installed DynDNS Updater which sync with DynDNS.com for
host updates (dy-oISA.dyndns.org ). This host allows me to access OWA, and RDP
when I'm on the road.
How do I go about configuring ISA box to publish this ticket management system?
Internal I just access it via the IP address (http://10.11.1.40/ticket)
Please help
Many thanks Gene
Other related posts:
