none
status: 10060 A connection attempt failed because the connected party did not properly respond

    Question

  • Hi,

    I've enabled some services from a purchased  GoDaddy SSL certificate in Exchange 2007, then imported that certificate in ISA along its private key , then publish a Web Mail Web server then created my Web listener.

    From the public network, when I try to connect to the public FQDN, I get the below error message:

    Log type: Web Proxy (Reverse)
    Status: 10060 A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.  
    Rule: OWA
    Source: External ( 60.242.187.32:0)
    Destination: (webmail.domain.com.au 192.168.0.110:443)
    Request: GET https://192.168.0.110:443/owa
    Filter information: Req ID: 063a7718  
    Protocol: https
    User: anonymous

    Not sure what's this reverse proxy means. Any idea?

    Thursday, March 08, 2012 11:49 AM

Answers

  • Hi

    reverse proxy means that it is the reverse proxy that is reporting the problem - e.g. this is what is used for web publishing. Forward proxy is for outbound web proxy traffic from internal clients.

    A 10060 error message indicates a misconfiguration of some sort - the error means that with the current configuration the published server (192.168.0.110) does not respond.

    Possible causes:

    - IP address is incorrect (I would assume that you already checked this)

    - Internal web server does not listen to port 443

    - Routing issues between ISA and 192.168.0.110, either ISA cannot reach the server or the server cannot find its way back (or both for that matter). Make sure to, on the 192.168.0.110 point to the ISA Server as default gateway or add a persistent route unless they are on the same IP subnet.

    - If they are on the same IP subnet, try to change the NAT configuration, e.g "request appear to come from the original client" etc. Change it to "Request appear to come from ISA" (or whatever the exact wording is).


    Hth, Anders Janson Enfo Zipper

    • Marked as answer by JJLSuper Friday, March 09, 2012 1:10 PM
    Thursday, March 08, 2012 1:26 PM

All replies

  • Hi

    reverse proxy means that it is the reverse proxy that is reporting the problem - e.g. this is what is used for web publishing. Forward proxy is for outbound web proxy traffic from internal clients.

    A 10060 error message indicates a misconfiguration of some sort - the error means that with the current configuration the published server (192.168.0.110) does not respond.

    Possible causes:

    - IP address is incorrect (I would assume that you already checked this)

    - Internal web server does not listen to port 443

    - Routing issues between ISA and 192.168.0.110, either ISA cannot reach the server or the server cannot find its way back (or both for that matter). Make sure to, on the 192.168.0.110 point to the ISA Server as default gateway or add a persistent route unless they are on the same IP subnet.

    - If they are on the same IP subnet, try to change the NAT configuration, e.g "request appear to come from the original client" etc. Change it to "Request appear to come from ISA" (or whatever the exact wording is).


    Hth, Anders Janson Enfo Zipper

    • Marked as answer by JJLSuper Friday, March 09, 2012 1:10 PM
    Thursday, March 08, 2012 1:26 PM
  • Thanks Anders....it is split DNS issue....i wasn't able to ping  the public FQDN internally due to missing MX record in the internal DNS.
    • Edited by JJLSuper Friday, March 09, 2012 1:11 PM
    Friday, March 09, 2012 1:10 PM