UAG 2010 SP1 portal publishing problems RRS feed

  • Question

  • We have UAG 2010 SP1 server and working direct access deployment. I want to publish HTTPS portal trunk. I have two consecutive IP addresses reserved for direct access and third IP address reserved for HTTPS portal trunk.

    When I create HTTPS portal trunk, UAG creates portal web site correctly in IIS, and HTTPS binding certificate is the right one. However, when I try to access the portal web site using HTTPS protocol, UAG redirects the connection to HTTP protocol and port 6001 in default web site . I receive the following error:

    HTTP Error 403.4 - Forbidden
    The page you are trying to access is secured with Secure Sockets Layer (SSL).

    Module IIS Web Core
    Notification BeginRequest
    Handler ASPClassic
    Error Code 0x80070005
    Requested URL http://localhost:6001/InternalSite/InstallAndDetect.asp?resource_id=2&login_type=8&site_name=trunk1&secure=1&orig_url=http://localhost:6001/Securetrunk1PortalHomePage/
    Physical Path C:\Program Files\Microsoft Forefront Unified Access Gateway\von\InternalSite\InstallAndDetect.asp
    Logon Method Not yet determined
    Logon User Not yet determined

    What's the problem?



    Monday, January 17, 2011 7:31 AM

All replies

  • I've seen some wierd 403 errors when creating https trunks recently as well.   I think issuing an iisreset will solve it.   Or if not, try to create an http redirect trunk, activate, and then issue an iisreset. 
    Tuesday, January 18, 2011 5:05 PM
  • Hi,

    Did you configure any apps on the trunk before activating the configuration? There have been some issues if "empty" portal is published.

    I would propose´

    1. Delete portal IIS site from IIS manager
    2. Run IISRESET
    3. Add application to portal
    4. Activate configuration
    5. Test

    This have worked for me atleast.

    BR, TommiK

    P.S Verify that defaultapppool is running on IIS. I had some issues with that after SP1 upgrade

    Tuesday, January 18, 2011 5:35 PM
  • Tried that, unfortunately it didn't help. Defaultapppool is running.

    Wednesday, January 19, 2011 12:14 PM
  • Hi Samuli

    The error you received message indicates that “The page you are trying to access is secured with Secure Sockets Layer (SSL)”. The URL that generated this error is, as per the error message: Requested URL http://localhost:6001/InternalSite/InstallAndDetect.asp?...

    The resources located in the InternalSite folder, which is running within the context of the Default Web Site on the UAG server, should not require SSL (do not be mistaken by the fact that end users are accessing the UAG portal with SSL. Once the HTTPS request gets to UAG, after it goes through different processes, it is then sent internally, within the UAG server, to http://localhost:6001/InternalSite/...)

    It looks like someone or something has changed the configuration of the Default Web Site, or of the InternalSite directory, to require SSL. Take a look in IIS Manager | Default Web Site | SSL Settings. Is Require SSL enabled?

    • Proposed as answer by Ran [MSFT] Wednesday, June 1, 2011 8:39 AM
    Wednesday, January 19, 2011 1:20 PM