The scenario was a simple website publishing through ISA server 2006. While accessing the HTTPS website from a client, we were seeing a Failed Connection attempt in the ISA logs.
More specifically, the error message was pointing to Error code 13, “the data is invalid”. After making sure that the rule elements are configured correctly, we collected ISA data packager with the “Web Proxy and Web Publishng” template by reproducing
the issue, along with a decrypted SSL trace from the ISA server.
From the decrypted SSL trace, we could identify that the ISA server returned a response code of 400 (BAD REQUEST). Upon further inspection of the HTTP headers and payload (the
request was a POST), we could not find any issue which was obvious. So we looked further into the ISATracing file, which is a component level trace collected by the ISA Data Packager.
We also used a web debugging tool to construct a similar HTTP POST request with the same payload and same headers and that worked as expected !! When we checked the
network trace, we could see that the header was not sent as a “Multi-line”.
0d – Carriage Return
0a – New line (Line Feed)
09 – Horizontal tab
More information about the byte codes and their corresponding mappings can be found in RFC2616.
In order to resolve the issue, we opened the registry editor on the problematic server and navigated to
and added a DWORD value
and set the value to
1, and then rebooted the server.
The issue no longer occurred!! The client was able to access the site successfully.
The solution to this issue has been addressed in detail in the following KB article:
This fix appends the continuation tab thereby enabling the ISA server to successfully read the headers and process it further.
We hope this post would be helpful in resolving issues that you may face while publishing web applications through ISA/TMG. But always remember not to make any changes
to the registry unless you have isolated the root cause of the issue. Also, as a general best practice, take a backup of the registry before making modifications.
Security Support Engineer – MSD Security Team
Security Support Escalation Engineer - MSD Security Team