| Author |
Message |
Richard Cass
Guest
|
 Posted:
Mon Jan 17, 2005 6:13 pm Post subject:
Running OWA & RWW between two domains |
|
|
I have 2 domains - one with ISA and one without; the one without also uses
dyndns.org to 'fix' my dns name.
I have run CEICW to open the correct ports, and at the non-ISA server I can
browse to the Internet URLs and it will allow me to perform the necessary
actions. However, trying to remotely access the non-ISA server from the ISA
featured server gives me a timeout if I use http:// or The page cannot be
displayed There is a message using https://.
I have folowed KB828053 using the option I believe is relevant, but this has
no effect. The domain names and IP ranges are different between each server,
and I am able to access the ISA server remotely.
Am I missing a setting somewhere? |
|
| Back to top |
|
 |
daniel
Guest
|
| Posted:
Tue Jan 18, 2005 8:45 am Post subject:
Re: Running OWA & RWW between two domains |
|
|
you need to create outbound packet filter rules (also protocol definitions
and rules if they don't exist) for the perimeter hosts (secure NAT client)
as they do not behave the same way as the firewall clients.
the article you refer to assumes you get at least as far as the web page so
I don't think it will supply you with the complete answer.
Check you can access the web from the ISA box first
both http/s
If not then create protocol rules for http and https
then create packet filters for 80 and 443
"Richard Cass" <richardcass_AT_NO_SPAM_micronav.co.uk> wrote in message
news:ujgYnwK$EHA.4072@TK2MSFTNGP10.phx.gbl...
| Quote: | I have 2 domains - one with ISA and one without; the one without also uses
dyndns.org to 'fix' my dns name.
I have run CEICW to open the correct ports, and at the non-ISA server I
can browse to the Internet URLs and it will allow me to perform the
necessary actions. However, trying to remotely access the non-ISA server
from the ISA featured server gives me a timeout if I use http:// or The
page cannot be displayed There is a message using https://.
I have folowed KB828053 using the option I believe is relevant, but this
has no effect. The domain names and IP ranges are different between each
server, and I am able to access the ISA server remotely.
Am I missing a setting somewhere?
|
|
|
| Back to top |
|
|
Richard Cass
Guest
|
| Posted:
Tue Jan 18, 2005 3:31 pm Post subject:
Re: Running OWA & RWW between two domains |
|
|
Daniel,
Thanks for getting back, but I am not sure that I understand.
I can only create these protocol rules and packet filters on the ISA
featured SBS2003 server. I already had an outbound packet filter for port
4125 in ISA, and the default installation allows ports 80 & 433 outbound.
From a client on the domain of the ISA SBS, I can ping the non-ISA SBS2003
server dns name (which as I say uses dyndns.org), and from a client on the
domain of the non-ISA server I can access OWA & Remote Web Workplace running
on the same server.
It is on a client behind the ISA that I cannot get to either http or https
for these features on the non-ISA SBS.
Richard
"daniel" <daniel@nospampreferkosherkingsleynetworks.com> wrote in message
news:%23Uik%23eS$EHA.1188@tk2msftngp13.phx.gbl...
| Quote: | you need to create outbound packet filter rules (also protocol definitions
and rules if they don't exist) for the perimeter hosts (secure NAT client)
as they do not behave the same way as the firewall clients.
the article you refer to assumes you get at least as far as the web page
so I don't think it will supply you with the complete answer.
Check you can access the web from the ISA box first
both http/s
If not then create protocol rules for http and https
then create packet filters for 80 and 443
"Richard Cass" <richardcass_AT_NO_SPAM_micronav.co.uk> wrote in message
news:ujgYnwK$EHA.4072@TK2MSFTNGP10.phx.gbl...
I have 2 domains - one with ISA and one without; the one without also uses
dyndns.org to 'fix' my dns name.
I have run CEICW to open the correct ports, and at the non-ISA server I
can browse to the Internet URLs and it will allow me to perform the
necessary actions. However, trying to remotely access the non-ISA server
from the ISA featured server gives me a timeout if I use http:// or The
page cannot be displayed There is a message using https://.
I have folowed KB828053 using the option I believe is relevant, but this
has no effect. The domain names and IP ranges are different between each
server, and I am able to access the ISA server remotely.
Am I missing a setting somewhere?
|
|
|
| Back to top |
|
|
daniel
Guest
|
| Posted:
Tue Jan 18, 2005 3:57 pm Post subject:
Re: Running OWA & RWW between two domains |
|
|
Sorry but I must have misunderstood, I thought you were trying to connect
from the ISA box itself where you need the filters etc.
Not sure about default install allowing those ports but if they're there
they're there.
connecting from a client machine behind the ISA shouldn't be an issue
providing you have the firewall client installed and the user has permission
to access the web.
Just check the basics first
make sure you can access regular internet sites from the client machine both
http&s
if thats no problem then it is likely to be a dns issue, your sbs box may be
caching the old ip of your dyndns box
ipconfig /flushdns check host file and dns server if running
test the publishing of the dyndns box from another network ie get a friend
to try it for you as well to rule this out.
also the error on the page will be helpful
"Richard Cass" <richardcass_AT_NO_SPAM_micronav.co.uk> wrote in message
news:ejyvJCU$EHA.3836@tk2msftngp13.phx.gbl...
| Quote: | Daniel,
Thanks for getting back, but I am not sure that I understand.
I can only create these protocol rules and packet filters on the ISA
featured SBS2003 server. I already had an outbound packet filter for port
4125 in ISA, and the default installation allows ports 80 & 433 outbound.
From a client on the domain of the ISA SBS, I can ping the non-ISA SBS2003
server dns name (which as I say uses dyndns.org), and from a client on the
domain of the non-ISA server I can access OWA & Remote Web Workplace
running on the same server.
It is on a client behind the ISA that I cannot get to either http or https
for these features on the non-ISA SBS.
Richard
"daniel" <daniel@nospampreferkosherkingsleynetworks.com> wrote in message
news:%23Uik%23eS$EHA.1188@tk2msftngp13.phx.gbl...
you need to create outbound packet filter rules (also protocol
definitions and rules if they don't exist) for the perimeter hosts
(secure NAT client) as they do not behave the same way as the firewall
clients.
the article you refer to assumes you get at least as far as the web page
so I don't think it will supply you with the complete answer.
Check you can access the web from the ISA box first
both http/s
If not then create protocol rules for http and https
then create packet filters for 80 and 443
"Richard Cass" <richardcass_AT_NO_SPAM_micronav.co.uk> wrote in message
news:ujgYnwK$EHA.4072@TK2MSFTNGP10.phx.gbl...
I have 2 domains - one with ISA and one without; the one without also
uses dyndns.org to 'fix' my dns name.
I have run CEICW to open the correct ports, and at the non-ISA server I
can browse to the Internet URLs and it will allow me to perform the
necessary actions. However, trying to remotely access the non-ISA server
from the ISA featured server gives me a timeout if I use http:// or The
page cannot be displayed There is a message using https://.
I have folowed KB828053 using the option I believe is relevant, but this
has no effect. The domain names and IP ranges are different between each
server, and I am able to access the ISA server remotely.
Am I missing a setting somewhere?
|
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in