Re: HTTP Error 403.6 - Forbidden: IP Address Rejected

Hi Crina,

I appreciate your help. You were correct, it was the proxy settings on the
user's home workstation. Also, I apologize about the delay in replying, the
user was out of town and just now connected to the office network
successfully.

Thanks Again,
Garry

"Crina Li (MSFT)" <v-crinal@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:nLI%23nf6gFHA.1336@xxxxxxxxxxxxxxxxxxxxxxxx
> Hi Garry,
>
> Thank you for posting in SBS newsgroup.
>
> From your description, I understand a client encounters error "HTTP Error
> 403.6 - Forbidden: IP address of the client has been rejected." when he
> accesses RWW. If I have misunderstood your concerns, please do not
> hesitate
> to let me know.
>
> Currently, you may check if Internet Explorer of the problematic client is
> configured to use some Proxy servers. Please make sure that the "Bypass
> proxy for local addresses" internet options, is checked and is working
> normally.
>
> You can also try to change the security settings for the Remote Web
> Workstation's connection. To change the security settings, perform the
> following steps:
>
> 1. Open the IIS console
> 2. Open the Default Website's properties
> 3. Click the Directory Security tab.
> 4. Click the Edit button next to the IP Address and Domain Name
> Restrictions heading.
> 5. Choose Granted access.
>
> After doing so, can the problem still occur?
>
> If you have installed ISA, changing the setting may not result in serious
> security risk.
>
> If the issue still persists, let's collect the IIS logging for further
> research:
>
> 1. Open IIS Manager. Expand IIS -> ServerName -> Web Sites -> Default Web
> Site -> Properties -> Web Site tab:
>
> 2. Make sure "Enable Logging" is checked, and use "W3C Extended Log File
> Format".
>
> 3. Click Properties. On Advanced tab, check all check boxes. On General
> tab, you can find the path for IIS logfile.
>
> 4. Reproduce the issue again.
>
> 5. Stop the Default Web Site.
>
> 6. Post the IIS log regarding the issue to SBS newsgroup.
>
> Hope the information help and I look forward to your reply.
>
> Best regards,
>
> Crina Li (MSFT)
>
> Microsoft CSS Online Newsgroup Support
>
> Get Secure! - www.microsoft.com/security
>
> =====================================================
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
> =====================================================
>
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
> --------------------
> | From: "SBS 2003 User" <garry.wheeler@xxxxxxxxxxxxxxxxxxx>
> | Subject: HTTP Error 403.6 - Forbidden: IP Address Rejected
> | Date: Thu, 7 Jul 2005 16:46:47 -0500
> | | Newsgroups: microsoft.public.windows.server.sbs
> | |
> | I have an office using SBS 2003 whose users sometimes login remotely to
> use
> | the company Remote Web Workplace, specifically to connect to their
> | workstations. Typically they connect simply to edit files or to print
> them
> | when at remote offices. We have not had problems with any remote
> | connections until today when one user can't seem to connect from his
> home
> | computer to the office.
> |
> | The user in question has a cable broadband connection with a major
> national
> | carrier. I, in fact, have the same carrier and have never had any
> problems
> | whatsoever. Regardless, this user receives the below error when he
> tries
> to
> | connect to our the Remote Web Workplace.
> |
> | You are not authorized to view this page The Web server you are
> attempting
> | to reach has a list of IP addresses that are not allowed to access the
> Web
> | site, and the IP address of your browsing computer is on this list.
> |
> ----------------------------------------------------------------------------
> ----
> |
> | Please try the following:
> |
> | Contact the Web site administrator if you believe you should be able to
> view
> | this directory or page.
> |
> | HTTP Error 403.6 - Forbidden: IP address of the client has been
> rejected.
> |
> | Internet Information Services (IIS)
> |
> |
> ----------------------------------------------------------------------------
> ----
> |
> | Technical Information (for support personnel)
> |
> | Go to Microsoft Product Support Services and perform a title search for
> the
> | words HTTP and 403.
> |
> | Open IIS Help, which is accessible in IIS Manager (inetmgr), and search
> for
> | topics titled About Security, Limiting Access by IP Address, IP Address
> | Access Restrictions, and About Custom Error Messages.
> |
> | I have looked at Microsoft Article ID 306833 and Article ID 248043;
> however,
> | would like some advice before doing what these two articles advise,
> | specifically to go to the Intenret Information Server's properties and
> | modify the Default Web Site and grant access to all computers and IP
> | addresses. Right now the only computers that have access are the server
> | (192.168.0.2) and the local workstation (127.0.0.1).
> |
> | My questions are these: 1) Why doesn't this particular client use the
> IP
> | address of the proxy server like everyone else is assigned when logging
> in
> | and 2) Is allowing all IP address and domain access a serious security
> | risk?
> |
> | Thanks in advance for all of your help.
> |
> | Garry
> |
> |
> |
> |
> |
> |
> |
>


.