Re: ISA 2004 on Slipstream SBS 2003
- From: "Henry Craven" <I_User@xxxxxxxxxxxxxxx>
- Date: Wed, 7 Dec 2005 17:58:45 +1100
Hi Les.
Created a Cert based on the IP Address pre-ISA.
Post ISA the CEICW has Never completed correctly so I can't tell outside of
the log what has or hasen't worked.
I'm aware of the Cert issue and the "Publish" Host.
Trying to unravel it is the tricky bit.
---
Henry
"Les Connor [SBS Community Member - SBS MVP]" <les.connor@xxxxxxxxxxxx>
wrote in message news:%23w0keXu%23FHA.2036@xxxxxxxxxxxxxxxxxxxxxxx
> Hi Henry,
>
> Are you using the sbs cert? Will ceicw allow you to re-create it, and then
> does ciecw complete?
>
> ISA 2k4 does have an additional layer involving ssl, that ISA 2k never
> had. I knew I should have taken notes ;-(). Actually I think I did take
> notes, but now I can't find them.
>
> --
> Les Connor [SBS Community Member - SBS MVP]
> -----------------------------------------------------------
> SBS Rocks !
> ----------------------
> "Tell me and I'll forget. Show me and I'll remember. Involve me and I'll
> understand." - Confucius
>
>
> "Henry Craven" <I_User@xxxxxxxxxxxxxxx> wrote in message
> news:esyY07r%23FHA.1032@xxxxxxxxxxxxxxxxxxxxxxx
>> Had a Nice little SBS 2003 running smoothly ....until we installed the
>> ISA Server.
>>
>> ISA seemed to install fine including the MSDE update/SP
>>
>> CEICW fails, and so does the RRAS Wiz.
>> Certificates are invalid (RWW- Error Code: 500 Internal Server Error. The
>> certificate chain was issued by an authority that is not
>> trusted. -2146893019)
>> and VPN is blocked.
>>
>> ----
>> 07/12/2005 10:17 AM
>> Firewall Rule: SBS DHCP Client
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS HTTP 80 Out CustomFilter
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS FTP 20 In CustomFilter
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS FTP 20 Out CustomFilter
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS POP3 110 Out CustomFilter
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS NTP 123 Out CustomFilter
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS DnsLookupPredefinedType
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS IcmpPingQueryPredefinedType
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS IdentdPredefinedType
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS TS 3389 In CustomFilter
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS TS 3389 Out CustomFilter
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS PptpReceivePredefinedType
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS PptpCallPredefinedType
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS FTP 21 In CustomFilter
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS FTP 21 Out CustomFilter
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS SMTP 25 Out CustomFilter
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS SmtpPredefinedType
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS NNTP 119 Out CustomFilter
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS Remote Web Workplace CustomFilter
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: SBS NTP 123 Out CustomFilter
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: Small Business RPC over HTTP Publishing Rule
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: Small Business Business Card Publishing Rule
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: Small Business CompanyWeb Publishing Rule
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: Small Business TSWEB Publishing Rule
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: Small Business RUP Publishing Rule
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: Small Business Monitoring Publishing Rule
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: Small Business OMA Publishing Rule
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: Small Business OWA Web Publishing Rule
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: Small Business Web Publishing Rule
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: Small Business Server All Users Protocol Rule
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: Small Business Internet Access Protocol Rule
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: Small Business Internet Access Protocol Rule 2
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: Small Business Server Internet Access Site and Content
>> Rule
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: Small Business Server Internet Access Site and Content
>> Rule 2
>> Cannot find the firewall rule, ignoring the error
>> Firewall Rule: Small Business Server All Users Site and Content Rule
>> Cannot find the firewall rule, ignoring the error
>> Call to Removing ISA2k related firewall rules () returned ok.
>> Custom protocol name: SBS FTP 20 In CustomFilter
>> Cannot find the custom protocol, ignoring the error
>> Custom protocol name: SBS FTP 20 Out CustomFilter
>> Cannot find the custom protocol, ignoring the error
>> Custom protocol name: SBS NTP 123 Out CustomFilter
>> Cannot find the custom protocol, ignoring the error
>> Custom protocol name: SBS Remote Web Workplace CustomFilter
>> Cannot find the custom protocol, ignoring the error
>> Call to Removing ISA2k related custom protocols () returned ok.
>> Call to Removing inbound access rule allowing anybody in () returned ok.
>> Call to Removing inbound access rule allowing anybody out () returned ok.
>> CStingrayCommit::CommitPortMappings
>> CStringray::RemoveAllSpecialRules
>> Call to Resetting the rule enumeration () returned ok.
>> Call to MoveToNextSpecialRule () returned ok.
>> Call to Getting the special rule info () returned ok.
>> Removing the access rule SBS RWW Inbound Access Rule
>> Call to Removing the access rule () returned ok.
>> Call to MoveToNextSpecialRule () returned ok.
>> Call to Getting the special rule info () returned ok.
>> Removing the access rule SBS FTP Outbound Access Rule
>> Call to Removing the access rule () returned ok.
>> Call to MoveToNextSpecialRule () returned ok.
>> Call to Getting the special rule info () returned ok.
>> Removing the access rule SBS RDP Outbound Access Rule
>> Call to Removing the access rule () returned ok.
>> Call to MoveToNextSpecialRule () returned ok.
>> Call to Getting the special rule info () returned ok.
>> Removing the access rule SBS Smtp Server Access Rule
>> Call to Removing the access rule () returned ok.
>> Call to MoveToNextSpecialRule () returned ok.
>> Call to Getting the special rule info () returned ok.
>> Removing the access rule SBS POP3 Outbound Access Rule
>> Call to Removing the access rule () returned ok.
>> Call to MoveToNextSpecialRule () returned ok.
>> Call to Getting the special rule info () returned ok.
>> Removing the access rule SBS Localhost Dhcp Access Rule
>> Call to Removing the access rule () returned ok.
>> Call to MoveToNextSpecialRule () returned ok.
>> Call to Getting the special rule info () returned ok.
>> Removing the access rule POP3 Inbound Access
>> Call to Removing the access rule () returned ok.
>> Call to MoveToNextSpecialRule () returned ok.
>> Call to CStringray::RemoveAllSpecialRules () returned ok.
>> Call to Removing all special firewall rules () returned ok.
>> CStingrayCommit::CreateStandardPortMappings
>> Call to Enabling the DHCP system policy () returned ok.
>> Call to Enabling the CRL download system policy () returned ok.
>> Call to Creating the DHCP access rule () returned ok.
>> Call to Disabling ICMP () returned ok.
>> Call to CStingrayCommit::CreateStandardPortMappings () returned ok.
>> Call to Creating the standard filters () returned ok.
>> CStingrayCommit::CreatePortMappingsFromXML
>> Call to Resetting the port mapping list () returned ok.
>> Call to Getting the number of port mappings () returned ok.
>> Number of port mappings 5
>> Call to Getting the next port mapping () returned ok.
>> Call to Reading Port () returned ok.
>> Call to Reading Protocol () returned ok.
>> Call to Reading Direction () returned ok.
>> Call to Validating TCP direction () returned ok.
>> Call to Reading Enable () returned ok.
>> Call to Getting the name for the predefined port mapping () returned ok.
>> Call to Creating tcp port mapping protocol () returned ok.
>> Call to Creating the outbound SMTP access rule () returned ok.
>> Call to Creating the outbound POP3 access rule () returned ok.
>> Call to Creating the outbound NNTP access rule () returned ok.
>> Call to Handling predefined port mapping () returned ok.
>> Creating access rule SBS Smtp Server Access Rule TCP 25 returned 0
>> Call to Getting the next port mapping () returned ok.
>> Call to Reading Port () returned ok.
>> Call to Reading Protocol () returned ok.
>> Call to Reading Direction () returned ok.
>> Call to Validating TCP direction () returned ok.
>> Call to Reading Enable () returned ok.
>> Skipping the port mapping for Port 1723
>> Call to Creating the outbound PPTP access rule () returned ok.
>> Call to Handling predefined port mapping () returned ok.
>> Call to Creating outbound PPTP access rule () returned ok.
>> Call to Getting the next port mapping () returned ok.
>> Call to Reading Port () returned ok.
>> Call to Reading Protocol () returned ok.
>> Call to Reading Direction () returned ok.
>> Call to Validating TCP direction () returned ok.
>> Call to Reading Enable () returned ok.
>> Call to Getting the name for the predefined port mapping () returned ok.
>> Call to Creating tcp port mapping protocol () returned ok.
>> Call to Creating the outbound RDP access rule () returned ok.
>> Call to Handling predefined port mapping () returned ok.
>> Creating access rule SBS RDP Server Access Rule TCP 3389 returned 0
>> Call to Getting the next port mapping () returned ok.
>> Call to Reading Port () returned ok.
>> Call to Reading Protocol () returned ok.
>> Call to Reading Direction () returned ok.
>> Call to Validating TCP direction () returned ok.
>> Call to Reading Enable () returned ok.
>> Call to Getting the name for the predefined port mapping () returned ok.
>> Call to Creating tcp port mapping protocol () returned ok.
>> Call to Creating the outbound FTP access rule () returned ok.
>> Call to Handling predefined port mapping () returned ok.
>> Creating access rule SBS FTP Server Access Rule TCP 21 returned 0
>> Call to Getting the next port mapping () returned ok.
>> Call to Reading Port () returned ok.
>> Call to Reading Protocol () returned ok.
>> Call to Reading Direction () returned ok.
>> Call to Validating TCP direction () returned ok.
>> Call to Reading Enable () returned ok.
>> Skipping the port mapping for Port 80
>> Call to CStingrayCommit::CreatePortMappingsFromXML () returned ok.
>> Call to Creating predefined port mappings () returned ok.
>> CStingrayCommit::CreatePortMappingsFromXML
>> Call to Resetting the port mapping list () returned ok.
>> Call to Getting the number of port mappings () returned ok.
>> Number of port mappings 1
>> Call to Getting the next port mapping () returned ok.
>> Call to Reading Port () returned ok.
>> Call to Reading Protocol () returned ok.
>> Call to Reading Direction () returned ok.
>> Call to Validating TCP direction () returned ok.
>> Call to Reading Enable () returned ok.
>> Call to Getting the name for the predefined port mapping for RWW ()
>> returned ok.
>> Call to Creating tcp port mapping protocol () returned ok.
>> Creating access rule SBS RWW Inbound Access Rule TCP 4125 returned 0
>> Call to CStingrayCommit::CreatePortMappingsFromXML () returned ok.
>> Call to Creating custom port mappings () returned ok.
>> Call to CStingrayCommit::CommitPortMappings () returned ok.
>> Call to Creating port mappings () returned ok.
>> CStingrayCommit::CommitWebPublishingRules
>> Call to Removing all sbs web publishing rules () returned ok.
>> RUP is published
>> Call to Fixing the inheritance for default web site () returned ok.
>> Call to Unpublishing the default web site () returned ok.
>> Call to Fixing the inheritance for companyweb dir () returned ok.
>> Call to Unpublishing companyweb () returned ok.
>> Call to Publishing /Exchange () returned ok.
>> Call to Publishing /ExchWeb () returned ok.
>> Call to Publishing /Public () returned ok.
>> Call to Publishing /ExAdmin () returned ok.
>> Call to Publishing RUP () returned ok.
>> Call to Publishing client help for RUP () returned ok.
>> Call to Publishing Monitoring () returned ok.
>> Call to Publishing OMA () returned ok.
>> Call to Publishing ActiveSync () returned ok.
>> Call to Publishing RPC over HTTP () returned ok.
>> Call to Configuring RPC over HTTP () returned ok.
>> Call to Publishing Companyweb () returned ok.
>> CStingrayCommit::CreateWebPublishingRules
>> Call to Reading publishing server name () returned ok.
>> Call to Creating A record for publishing () returned ok.
>> Call to Checking the existence of the SBS listener () returned ok.
>> CStringrayCommit::GetSBSCertHash
>> Call to Getting the web listener SSL port () returned ok.
>> SSL Port: 443
>> Call to Getting the listener cert hash () returned ok.
>> Call to CStringrayCommit::GetSBSCertHash () returned ok.
>> Call to Reading the cert hash out of the listener () returned ok.
>> Call to Reading the Internet Server Name () returned ok.
>> Internet Server Name: <xxx.xxx.xxx.xxx>
>> Call to Recreating the SBS web listener () returned ok.
>> Call to Publishing OWA () returned ok.
>> Call to Publishing RUP () returned ok.
>> Call to Publishing Monitoring () returned ok.
>> Call to Publishing OMA () returned ok.
>> Call to Publishing RPC () returned ok.
>> Call to CStingrayCommit::CreateWebPublishingRules () returned ok.
>> Call to Creating ISA2k4 Web publishing rules () returned ok.
>> Call to Notify RUP for OWA () returned ok.
>> Call to Notify RUP for Monitoring () returned ok.
>> Call to Notify RUP for RPC () returned ok.
>> Call to Notify RUP for Companyweb () returned ok.
>> Call to Restricting exhchangeoma to local server only () returned ok.
>> Call to Restricting ConnectComputer to local network only () returned ok.
>> Call to Setting PassOPTIONSToPublishedServer () returned ok.
>> Call to GetInternetServerName () returned ok.
>> Call to NotifyProvisioning () returned ok.
>> Call to Limiting number of connections () returned ok.
>> Call to Sending RUP intro mail () returned ok.
>> Call to Saving web publishing selection () returned ok.
>> Call to CStingrayCommit::CommitWebPublishingRules () returned ok.
>> Call to Creating Web publishing rules () returned ok.
>> CStingrayCommit::FixAccessRuleOrders
>> Call to Fixing the LAN access rule order () returned ok.
>> Call to Fixing the Windows update Access rule order () returned ok.
>> Call to Fixing the Internet Access rule order () returned ok.
>> Call to CStingrayCommit::FixAccessRuleOrders () returned ok.
>> Call to Fixing the access rule order () returned ok.
>>
>> Error 0xc0040393 returned from call to Saving ISA2k4 changes().
>>
>> Some configuration changes were not applied. See the Windows event viewer
>> for more details.
>> at InteropFPCLib.FPCArrayClass.Save(Boolean fResetRequiredServices,
>> Boolean fReloadConfiguration)
>> at StingrayManagedUtil.StingrayUtil.SaveChangesAndRestartServices()
>>
>> Error 0xc0040393 returned from call to CStingrayCommit::CommitEx().
>>
>> calling GetBOConnector ().
>> Call to GetBOConnector () returned ok.
>> calling spADs->PutEx (ADS_PROPERTY_CLEAR,
>> msExchSmtpOutboundSecurityPassword).
>> Call to spADs->PutEx () returned ok.
>> calling spADs->SetInfo ().
>> Call to spADs->SetInfo () returned ok.
>>
>> ----
>> NETWORK SERVICE accounta are fine and there are no custom Sub/Websites.
>>
>> All Ideas appreciated.
>> Solutions Applauded.
>>
>> ---
>> Henry Craven
>>
>
>
.
- References:
- ISA 2004 on Slipstream SBS 2003
- From: Henry Craven
- Re: ISA 2004 on Slipstream SBS 2003
- From: Les Connor [SBS Community Member - SBS MVP]
- ISA 2004 on Slipstream SBS 2003
- Prev by Date: Re: SBS2003 - Cannot restore GPO following Article 888943
- Next by Date: Re: ISA 2004 on Slipstream SBS 2003
- Previous by thread: Re: ISA 2004 on Slipstream SBS 2003
- Next by thread: Re: ISA 2004 on Slipstream SBS 2003
- Index(es):
Relevant Pages
|
