locked
Publishing Exchange 2007 OWA from ISA Server 2006 ERROR

    Pregunta

  • Hello everyone, I'm trying to publish OWA in Exchange 2007 via ISA Server 2006.
    I follow all the steps in the documentation, but the ISA server does not accept the rule that I believe him and dismisses the https requests with the default rule.

    The ISA server is installed IIS 6.0 using port 443, does this can cause problems?

    Moreover, from the ISA server I can not ping the Exchange 2007 server.

    In the event viewer ISA Server events occur:
    Microsoft ISA Server Web Proxy id: 14 148
    The Web proxy filter can not bind its socket to 127.0.0.1, port 443. This can be caused by another service already using the same port est, or a network adapter is not functional. To resolve this problem, restart the Microsoft Firewall service. The code shown error in the data area of the event properties indicates the cause of error.

    Microsoft ISA Server Web Proxy id: 21 317
    The ISA server detect that the rule of web publication of specific RPC HTTPS connections to the server or set of published web servers, while the web listener rule is used in HTTP client connections. In this configuration, the HTTPS LINKS LINKS traducirn to HTTP, which can compromise security. You can prevent this behavior by adding global assignments for translation of LINKS configuration. For this reason, the Administracin console tree of ISA Server, Configuring and click General. These follow in the details pane, click Configure translation of LINKS and the Global Mappings tab, use the loot Add to create additional global assignments.

    Thanks!

    Microsoft Certified IT Professional Server Administrator
    lunes, 07 de junio de 2010 22:09

Todas las respuestas

  • Remove IIS from the ISA Server and then reboot...
    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    martes, 08 de junio de 2010 10:57
  • Hi,

     

    Thank you for the post.

     

    According to the description, This issue can occur if the Web Proxy service is unable to register itself to listen on the port that is specified. The Web Proxy service cannot listen on the port if the port is being used by another program, usually Internet Information Services (IIS) or another Web server. To resolve this issue, please refer to this link: http://support.microsoft.com/kb/925733/en-us

     

    Regards,


    Nick Gu - MSFT
    miércoles, 09 de junio de 2010 6:28
  • Hello, I stopped the IIS services on the ISA Server and now it seems I can access the OWA of Exchange 2007 from outside the LAN. But I can not validate, insert it in the home page of OWA username and password and I constantly ask him again without letting me enter. With the same username and password from the LAN lets me correctly. Do you know that might be? THANK YOU
    Microsoft Certified IT Professional Server Administrator
    sábado, 26 de junio de 2010 7:31
  • "but I can not validate, insert it in the home page of OWA username and password and I constantly ask him again without letting me enter"

    This is entirely different from your core problem. However, this just means that the authentication is failing somewhere. To know if it is at Exchange or at ISA, just bypass the auth at ISA (No auth at listner and rule set for all user, delgation set to NO DELGN BUT CLIENT MAY AUTH DIRECTLY) and see if that works.

    If it does, auth is failing at ISA. Let me what kind of auth are you using at listner, rule and delegation? Use www.testexchangeconnectivity.com for testing it.

     


    Regards, Amit Saxena. Keep Walking!
    sábado, 26 de junio de 2010 22:39
  • Hi Amit, thanks for reply. If now my problem is what I mentioned above.

    I did what you told me but still does not work, the OWA on the LAN is working properly.

    I've been looking for information and found that, according to Microsoft, you need a hotfix to the Exchange 2007 OWA publishing in ISA Server 2006, you copy the links.

    That update is available publishing Supports Microsoft Exchange Server 2007 behind Internet Security and Acceleration (ISA) Server 2006
    http://support.microsoft.com/kb/925403/


    Update for Publishing Microsoft ® Exchange Server 2007 for Microsoft ® Internet Security and Acceleration (ISA) Server 2006 - Spanish
    http://www.microsoft.com/downloads/details.aspx?displaylang=es&FamilyID=82b717ce-5b63-4098-8425-bbf4a5b7e09c

    do you think?

    Microsoft Certified IT Professional Server Administrator
    domingo, 27 de junio de 2010 7:49
  • Hi,

    "I did what you told me but still does not work, the OWA on the LAN is working properly"

    Do you mean that auth fails even after bypassing the auth on ISA? If that is the case, I can gurantee that we need to look at exchange settings. Are you using different external and internal domain names?

    This update is pre SP1. Do you have SP1? Try installing this hotfix and see if it works. Make sure you use the wizard to publish exchange and not the manual rule, as it does not set the vendor parameters automatically.

     


    Regards, Amit Saxena. Keep Walking!
    domingo, 27 de junio de 2010 9:34
  • test with pass thru authentication explained below

    http://blogs.technet.com/b/sooraj-sec/archive/2009/12/18/pass-through-authentication-on-isa-server-2006.aspx

    and see if are able to access OWA externally

    yes or no will tell us what to do next :)

    Thx

    Suraj Singh

    jueves, 23 de septiembre de 2010 20:21
  • any updates?

    Thx

    suraj singh

    viernes, 24 de septiembre de 2010 17:35