Re: ISA2000 config for Netgear FVS328
idaniel99_at_hotmail.com
Date: 06/08/04
- Next message: Merv Porter [SBS-MVP]: "Re: Cals and Licenses"
- Previous message: Eric: "Exchange Problem"
- In reply to: Les Connor [SBS MVP]: "Re: ISA2000 config for Netgear FVS328"
- Next in thread: Les Connor [SBS MVP]: "Re: ISA2000 config for Netgear FVS328"
- Reply: Les Connor [SBS MVP]: "Re: ISA2000 config for Netgear FVS328"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 7 Jun 2004 17:43:30 -0700
Hi Les,
Thanks for your reply.
I tried Direct Broadband and I get same error message.
This is done on a test system, and it does not have an
Internet DNS, just an internal company.local, so I use
the Netgear IP 24.85.42.241 (please note that this worked
fine before ISA installation).
In CEICW I chose to publish the business web page so no
SSL required, but not even port 80 works, same error
messages on all ports https://24.85.42.241/remote
or /exchange (again this worked fine before ISA install)
The web certificate has the same name as the server
sbs.company.local on port 192.168.0.2. Should this port
different. It's greyed out, can't change.
Thanks for your help.
Daniel
PS: this test server will be on till 6:30PM Pacific Time,
if you'd like to have a look at it.
>-----Original Message-----
>Hi Daniel,
>
>With two nics (both static IPs') and a router (with a
static lan side ip)
>like you have, the correct selection in CEICW is "Direct
Broadband
>Connection".
>
>The local router option might seem like the right choice
at first, but it's
>not local (ip is not in the lat). Local router device
with IP address would
>be correct choice for a single nic SBS.
>
>You have the recommended setup with two nics and a
router.
>
>The rest of your settings look OK so far.
>
>What url do you enter when attempting a connection from
the outside ?
>https://????/remote or /exchange. i.e. what's in
the ????? part exactly, and
>does that match the name you used for your certificate
generation ?
>
>
>--
>Les Connor [SBS MVP]
>-------------------------------------
>SBS Rocks !
>
>
>
>"Daniel" <anonymous@discussions.microsoft.com> wrote in
message
>news:193aa01c44ce3$7cfb7d00$a301280a@phx.gbl...
>> As a first line of defence I tried installing Netgear
>> Firewall with NAT enabled and configured the required
>> ports to be forwarded to the SBS2k3 with ISA enabled.
The
>> outbound traffic works fine, but when tried to connect
>> from outside I'm getting the following error:
>> "403 Forbidden - The server denies the specified
Uniform
>> Resource Locator (URL). Contact the server
administrator.
>> (12202) Internet Security and Acceleration Server"
>> So on a demo system I dumped the image of SBS2k3
without
>> ISA2000 and the inbound traffic worked fine. Then I
>> installed ISA2000, ran CEICW and selected "A local
router
>> device with an IP address" the inbound doesn't work
>> anymore (outbound is fine). If I remove Netgear and
>> Connect SBS2k3 directly to ISP, rerun CEICW with "A
direct
>> broadband connection" it works fine.
>> More info: Netgear has NAT enabled, (internal ip
>> 192.168.0.1) forwarding ports (25, 80, 443, 444, 3389,
>> 4125 ) to a private static ip of SBS2k3 (192.168.0.2).
>> Second card for Internal LAN has 192.168.16.2
>> I tried to creat a new web server certificate, didn't
>> help. Currently under ISA/Servers and
>> Arrays /Properties /Incoming Web Requests/ si set to
>> Configure listeners individually per IP address, and
the
>> certificate is selected under Use a server certificate
to
>> authenticate to WEB Clients.
>> What am I missing?
>> Your help is appreciated.
>>
>
>
>.
>
- Next message: Merv Porter [SBS-MVP]: "Re: Cals and Licenses"
- Previous message: Eric: "Exchange Problem"
- In reply to: Les Connor [SBS MVP]: "Re: ISA2000 config for Netgear FVS328"
- Next in thread: Les Connor [SBS MVP]: "Re: ISA2000 config for Netgear FVS328"
- Reply: Les Connor [SBS MVP]: "Re: ISA2000 config for Netgear FVS328"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
