Server ISA Website publishing issue
- From: Mr. Cando <Mr. Cando@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 20 Nov 2006 11:06:02 -0800
Hi
I have an ISA server 2006 enterprise edition installed. Now, I need to
publish a website from the internal server (should accessible from the
external server). And I only have to publish selected folders of that
website. How do I do that. The configuration information in detail is given
below.
The ISA computer has three network adapters. The adapter details are given
below:
Local Area Connection 3:
10.1.12.10 – 10.1.12.255
10.255.2555.255 – 10.255.255.255
Local Area Connection 4
0.0.0.1 – 10.1.11.255, 10.1.13.0 – 10.1.14.255
10.1.16.0 – 10.1.30.255, 10.1.13.0 – 126.225.225.225
128.0.0.0 – 223.255.255.255, 240.0.0.0 – 255.255.255.254
Local Area Connection 5
10.1.15.0 – 10.1.15.255, 10.1.31.0 – 10.1.31.255
10.255.2555.255 – 10.255.255.255
In the ISA Management I have selected the network adapter Local Area
Connection 3 as the internal network. Therefore adapters 3 and 5 are hence
treated as external.
The network logic map is as follows:
IS: Internal Server
ISS: ISA SERVICES SERVER (runs Firewall)
ES: External Server
ICS: ISA CONFIG SERVER
ADS: Active Directory SERVER
IS (Gateway: IP of ICS) -----> ISS (Gateway: IP of ES) ------> ES
(10.1.12.10) (10.1.12.11, 10.1.14.10,
10.1.31.10) (10.1.14.11)
| |
| |
| |
ICS ADS (Website
hosted here) (10.1.31.13, 10.1.12.14)
(10.1.31.12, 10.1.12.13)
Therefore IS, ISS, ICS, ADS are in the internal network while ES is behaving
as external network.
After setting up the above networks and configuring it on the ISA Server
2006. Under the network rule I created a routing rule to route from external
to internal.
Then, I created a firewall rule under the firewall policy of the ISA
Management to allow http connection between the internal and external
network.
After allowing the changes I typed up the IP address of the ADS server
(10.1.12.13) on internet explore or ES and was able to access the website.
This means there was successful routing happening via ISA from ES to ADS.
Now I disabled the access rule and click on the "publish a website” link on
the ISA firewall policy. This opened up a web site publishing rule wizard and
I performed the steps stated below:
Give policy a name -> next -> select "allow" -> next -> select "publish a
website or load balancer" -> next -> Use "non secured..." -> next -> type in
the internal name of your server which runs the website (only the hostname
here!) -> next -> here specify the path in which the website you want to
publish resides -> next -> here the IP address). -> next -> here created a
new listener
-> a new Wizard comes up which again wants a name -> next -> choose "do not
require SSL..." -> next -> Select the appropriate network and/or a specific
IP address you want to use on your external interface -> next -> "no
authentication" -> next -> next -> finish
Back in the first wizard selected new listener and clicked next -> next ->
next -> next -> finish
Then I went on the ES server and I typed up the IP address of the ADS server
(10.1.12.13) on internet explore of ES. It didn't work I got a page cannot be
displayed error. In the ISA Management under the monitoring logging section
it says connection denied default rule Source Network : Internal and
Destination Network: External.
Can any one help? I am really trying to solve this problem but cannot
understand what I need to do next.
Do I have to create a web chaining rule? Configure DNS (I am happy with IP
address though)?
I am usnig ISA SERVER 2006 Enterprise edition.
Any kind of help or assistance will be greatly appreciated.
Thank you,
Mr.Cando
.
- Follow-Ups:
- Re: Server ISA Website publishing issue
- From: Nathan B [MSFT]
- Re: Server ISA Website publishing issue
- Prev by Date: Re: PUblish multiple SSL websites
- Next by Date: Re: Server ISA Website publishing issue
- Previous by thread: Re: PUblish multiple SSL websites
- Next by thread: Re: Server ISA Website publishing issue
- Index(es):
Relevant Pages
|
Loading
