RE: Access rule for Hotmail & Yahoo mail in ISA 2000 server

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Hello Syed,

Thank you for posting here.

According to your description, I understand that you want Business office
group only to access 3 web sites, but you get error page when logon yahoo
mail and hotmail. If I have misunderstood the problem, please don't
hesitate to let me know.

Based on my research, in SBS, after you run the CEICW (ICW for SBS 2000),
all internal user accounts can complete access Internet. Therefore, please
let me know the detail steps about how you set the Business office group
only access 3 web sites.

As I know, the logon pages for yahoo mail and hotmail thru HTTPS, so I
suggest you check the rule for the Business office group, ensure you
include HTTPS protocol in the rule.

Before we go any further, please let me know the following information so
that we can understand your situation more clearly.

1. What's edition of your SBS? SBS 2000 or SBS 2003?

2. Please capture screenshots on the error page and send the pictures to me
at v-terliu@xxxxxxxxxxxxx

3. Please help to gather the ISA Info:

1) Visit www.isatools.org. Click ''ISAinfo for ISA 2000''.

2) Run the script isainfo.vbe on the SBS server.

3) Send the ISAinfo log files to me at v-terliu@xxxxxxxxxxxxxx

4. Please also help to gather the ISA logs:

1) Open ISA Management console, navigate to 'Monitoring
Configuration'\'Logs'. In the right panel, right-click 'Packet filters' and
choose 'Properties'.

2) In the 'Fields' tab, select ALL log fields. Also enable all the log
fields for 'ISA Server Firewall service' and 'ISA Server web proxy service'
log. Navigate to 'Monitoring'\'Services', restart the ISA related services.

3) After reproducing the problem, gather the recent log files in C:\Program
Files\Microsoft ISA Server\ISAlogs\ folder and send them to me for further
research.

5. Use the Networking MPS report to capture the server networking
configurations for further analysis:

a. Download MPSrepot_network from
http://download.microsoft.com/download/b/b/1/bb139fcb-4aac-4fe5-a579-30b0bd9
15706/MPSRPT_NETWORK.EXE

b. Run MPSRPT_NETWORK.exe on the server box.

c. The tool will automatically collect the information. This procedure will
take 10~15 minutes.

d. Open Windows Explorer, navigate to the folder:
%SystemRoot%\MPSReports\Network\Reports\Cab\

e. Send the .cab file directly to me.

I appreciate your time and look forward to hearing from you.

Thanks and have a nice day!

Best regards,

Terence Liu(MSFT)

Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security

=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| From: sa_aziz9163@xxxxxxxxx
| Newsgroups: microsoft.public.windows.server.sbs
| Subject: Access rule for Hotmail & Yahoo mail in ISA 2000 server
| Date: Sun, 01 Jul 2007 03:30:34 -0700
| Organization: http://groups.google.com
| Lines: 33
| Message-ID: <1183285834.575529.79800@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
| NNTP-Posting-Host: 212.76.64.7
| Mime-Version: 1.0
| Content-Type: text/plain; charset="iso-8859-1"
| X-Trace: posting.google.com 1183285834 11740 127.0.0.1 (1 Jul 2007
10:30:34 GMT)
| X-Complaints-To: groups-abuse@xxxxxxxxxx
| NNTP-Posting-Date: Sun, 1 Jul 2007 10:30:34 +0000 (UTC)
| User-Agent: G2/1.0
| X-HTTP-UserAgent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET
CLR 1.1.4322),gzip(gfe),gzip(gfe)
| X-HTTP-Via: 1.1 KHISA
| Complaints-To: groups-abuse@xxxxxxxxxx
| Injection-Info: m36g2000hse.googlegroups.com; posting-host=212.76.64.7;
| posting-account=dmGs_Q0AAABks6mcUV-HybxrEiOsEopl
| Bytes: 2022
| Path:
TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTFEEDS01.phx.gbl!news-out.
cwix.com!newsfeed.cwix.com!newscon02.news.prodigy.net!prodigy.net!border1.nn
tp.dca.giganews.com!nntp.giganews.com!postnews.google.com!m36g2000hse.google
groups.com!not-for-mail
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:47484
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Hi,
|
| Kindly assist me to configure in ISA server 2000 allow only yahoo &
| Hotmail mail access to users.
|
| The following rules define in ISA.
|
| 1. Two policies are defined in Access policy sit and contents group.
|
| A.Bussiness office
| B.Admin
|
| A. "Business Office" group have access to only 3 business websites.
| Destination set applied to any request .So, that all users have only
| three define website to access.
| B "Admin" group full access to Internet.
|
| In group A all three sites are working fine only with Yahoo & Hotmail
| web site . As it is configured same as other three website in
| destination set. i.e. mail.yahoo.com.
|
| It giving the error page not found after logging in to yahoo mail it
| as in Hotmail site.
|
| Please tell me how to resolve the above problem or other settings need
| to be done on client address set or access policy regarding above
| sites.
|
| Regards,
|
| Syed Abdul Aziz
| Sr.Network Engineer
|
|

.

Relevant Pages

  • RE: CEICW KEEPS GIVING ERRORS
    ... There are many articles and documents for ISA 2004 and SBS 2003. ... Troubleshooting Network Configuration in ISA Server 2004 ... How to configure Web publishing rules to host multiple Web sites with host ...
    (microsoft.public.windows.server.sbs)
  • RE: Blocking Yahoo causing issues with DHCP?
    ... To make sure your SBS 2003 server have right network configuration. ... I'd like to confirm the deny rule about Yahoo ... What's edition of your ISA? ...
    (microsoft.public.windows.server.sbs)
  • RE: isa 2004 & external website access issue
    ... internal web sites are no longer accessible, ... Does each internal web server ... headers in ISA Server ... List' and click 'Connect to the internet' in the right panel. ...
    (microsoft.public.windows.server.sbs)
  • RE: Restrict group to two web sites.
    ... firewall client installed. ... rule to restrict a group of users who can not access two web sites. ... Destination: External (Exception: the URL Set that you want to the users to ... And input correct ISA server information here. ...
    (microsoft.public.windows.server.sbs)
  • Re: Restricting Internet Access - Allow 0r Deny List
    ... I have set up a ISA 2000 SP2 server on Windows ... > can access all web sites without any problems. ... credentials can be supplied and access is granted. ... A Deny Rule (because it is explicit ...
    (microsoft.public.isa)