Re: Accessing External OWA from behind ISA
From: Tony Su (anonymous_at_discussions.microsoft.com)
Date: 05/12/04
- Next message: Stefan Bako: "MSN Audio / Video"
- Previous message: Phillip Windell: "Re: Odd Ports Being Allowed"
- In reply to: Steve: "Re: Accessing External OWA from behind ISA"
- Next in thread: Steve: "Re: Accessing External OWA from behind ISA"
- Reply: Steve: "Re: Accessing External OWA from behind ISA"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 12 May 2004 11:00:04 -0700
When ISA is in cache-only mode, it functions as it is
described... mainly to cache with little to no
restrictions on granting access, only as you describe by
enforcing authentication to AD.
For this to work, you only need to configure your Web
Browser to point to ISA on port 8080, you do not need any
other software.
I have found though that if OWA itself is deployed on ISA,
it should require <only> Basic authentication for a remote
client behind another ISA to work. Enabling Integrated and
Digest is supposed to work but in my experience cause
problems like what you describe.
The other thing to note is that your original post
described these Users as "Visitors." Obviously, if you
will be requiring AD authentication you will need to
provide your visitors with valid credentials.
Tony Su
>-----Original Message-----
>Cache mode.
>
>I really only need a proxy server that authenticates AD
for access,
>like MS Proxy was. Is this even the right product for
me? It seems
>to be lacking in a lot of support for things that used to
just work...
>
>I appreciate your help, Tony.
>
>"Tony Su" <anonymous@discussions.microsoft.com> wrote in
message news:<b6ef01c43778$920c0140$a101280a@phx.gbl>...
>> Let's go back to the beginning...
>>
>> Do you have ISA installed in Caching only mode (one
NIC),
>> Firewall Mode or Integrated Mode (both two NICs)?
>>
>> Tony Su
>>
>>
>>
>> >-----Original Message-----
>> >No one is allowed directly out of the gateway- that's
>> what ISA is for,
>> >to act as a proxy. It is my understanding that I need
>> the firewall
>> >client installed on workstations to use the proxy to
surf.
>> >
>> >(Clients with own translations referenced below are
>> servers that need
>> >them to do mail, DNS, that sort of thing- not desktop
>> clients. Just
>> >did to make sure outside server was working.)
>> >
>> >Back to the original question: Why can't a client
using
>> ISA as a
>> >proxy connect to external OWA?
>> >
>> >"Tony Su" <anonymous@discussions.microsoft.com> wrote
in
>> message news:<b06101c436d1$7a16dd00
$a501280a@phx.gbl>...
>> >> First, a FW client shouldn't have anything to do
with
>> OWA
>> >> in cache mode (normally).
>> >>
>> >> The real question is whether your visitors are
>> configured
>> >> with the proper Web Proxy browser settings if they
are
>> >> going to use your ISA.
>> >>
>> >> But, since these are visitors, I'd just point them
>> >> directly to your Gateway instead of going through
ISA.
>> >>
>> >> Tony Su
>> >>
>> >>
>> >>
>> >>
>> >> >-----Original Message-----
>> >> >I have some visitors in who need to access their
own
>> OWA
>> (Exchange
>> >> >2000, no SSL) from PCs on my network. Am running
>> ISA2000
>> in cache
>> >> >mode, with clients running FW client on Win2K Pro,
IE
>> 6.
>> When the
>> >> >people enter their username, password, and domain
it
>> doesn't take, and
>> >> >re-prompts for credential.
>> >> >
>> >> >Of course is I go to a client with its own FW
>> translation
>> it works
>> >> >just fine... must be ISA.
>> >> >
>> >> >Weblog shows TCP Get requests going out, and that's
>> it.
>> What's up
>> >> >here?
>> >> >
>> >> >Thanks in advance.
>> >> >Steve
>> >> >.
>> >> >
>> >.
>> >
>.
>
- Next message: Stefan Bako: "MSN Audio / Video"
- Previous message: Phillip Windell: "Re: Odd Ports Being Allowed"
- In reply to: Steve: "Re: Accessing External OWA from behind ISA"
- Next in thread: Steve: "Re: Accessing External OWA from behind ISA"
- Reply: Steve: "Re: Accessing External OWA from behind ISA"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
