Saturday, November 17, 2012 12:12 PM
Im busy trying to test that our TMG is able to take https request for OWA on its external IP before getting our networks guys to configure the firewall to send external requests for OWA through it from its external IP. The TMG is currently configured as a back firewall. I have configured a rule that sends requests to our cas array. If I send a request directly to the cas array eg. https://*.*.*.*/owa/ I get the web app logon screen. If I try to do it through the TMG I get the message below. Im not sure what Im doing wrong. Your help would be greatly appreciated.
<id id="L_defaultr_3">The page cannot be displayed</id>
<id id="L_defaultr_5">Explanation: There is a problem with the page you are trying to reach and it cannot be displayed.</id>
Try the following:
- Refresh page: Search for the page again by clicking the Refresh button. The timeout may have occurred due to Internet congestion.
- Check spelling: Check that you typed the Web page address correctly. The address may have been mistyped.
- Access from a link: If there is a link to the page you are looking for, try accessing the page from that link.
Technical Information (for support personnel)
- Error Code: 403 Forbidden. The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. (12202)
This is from the TMG live logDenied Connection ********* 11/17/2012 2:00:30 PM
Log type: Web Proxy (Reverse)
Status: 12202 Forefront TMG denied the specified Uniform Resource Locator (URL).
Rule: Default rule
Source: Perimeter (192.168.1**.*:26285)
Destination: Local Host (192.168.1**.*:443)
Request: GET http://192.168.*1.*/owa/
Filter information: Req ID: 0a08bc45; Compression: client=Yes, server=No, compress rate=0% decompress rate=0% ; FBA cookie: exists=no, valid=no, updated=no, logged off=no, client type=unknown, user activity=yes
Client agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; WOW64; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Object source: (No source information is available.)
Cache info: 0x0
Processing time: 1 MIME type:
Saturday, November 17, 2012 12:56 PMI notice its the default rule that is blocking the traffic, I had created a rule that was letting HTTP and HTTPS traffic to pass. Shouldnt that be enough to get by the default rule?
Sunday, November 18, 2012 2:40 PMIm surprised nobody is attempting to even answer this thread. Anyways I realised that the only way to bypass this error and get service is if I connect to the TMG from its public address that ultimately gets natted to the external interface IP of the TMG.
- Marked As Answer by Tshepo5 Sunday, November 18, 2012 2:40 PM
Tuesday, February 05, 2013 2:54 AMNew to the IT field but have run into this error recently; it appears to be spreading. In my limited understanding are you saying that connection is being made via http and NOT https?