+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
Internet Related/Filtering/Firewall Thread, ISA 2006 problems with OWA and VPN in Technical; OK I'm sure this is linked: OWA Cannot login to OWA 2007 externally - each time I get stuck in ...
  1. #1

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,660
    Thank Post
    859
    Thanked 646 Times in 429 Posts
    Rep Power
    498

    ISA 2006 problems with OWA and VPN

    OK I'm sure this is linked:

    OWA Cannot login to OWA 2007 externally - each time I get stuck in a login loop with the error

    Quote Originally Posted by OWA 2007
    You could not be logged on to ISA Server. Make sure that your domain name, user name, and password are correct, and then try again.
    I have tried domain\username, username@dnsdomain.com, and username - all loop back to above error..

    Works perfectly internally..

    VPN

    When I try to connect to the VPN, it says "verifying username and password" then "connecting to <ip>" and then "verifying username and password" again before it errors with
    Quote Originally Posted by VPN
    error 718: The connection was terminated because the remote computer did not respond in a timely manner
    I have a feeling both are linked - possibly to AD but not sure what...

    Interestingly, Moodle (same ISA server) allows me to login using same AD server


  2. #2

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,955
    Thank Post
    886
    Thanked 1,700 Times in 1,477 Posts
    Blog Entries
    12
    Rep Power
    448
    Is this a new setup or has it just decided to die?

  3. #3

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,660
    Thank Post
    859
    Thanked 646 Times in 429 Posts
    Rep Power
    498
    It's a new setup - freshly installed last week - and again today....

  4. #4

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,955
    Thank Post
    886
    Thanked 1,700 Times in 1,477 Posts
    Blog Entries
    12
    Rep Power
    448
    What ports are you forwarding for the VPN?

    Also is the client Vista?

    On the ISA Server try ticking only MS-CHAP for the Auth
    Last edited by FN-GM; 3rd August 2009 at 10:15 PM.

  5. #5

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,062
    Thank Post
    160
    Thanked 920 Times in 723 Posts
    Blog Entries
    3
    Rep Power
    272
    @ Gatt

    You know on your rules, are you using the Name? if so are you using the FQDN?

    Have you tried using the Servers IP in the Rules instead?

    It sounds like it's having problems passing through the authentication

    James.

  6. #6

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,955
    Thank Post
    886
    Thanked 1,700 Times in 1,477 Posts
    Blog Entries
    12
    Rep Power
    448
    Quote Originally Posted by EduTech View Post
    @ Gatt

    You know on your rules, are you using the Name? if so are you using the FQDN?

    Have you tried using the Servers IP in the Rules instead?

    It sounds like it's having problems passing through the authentication

    James.
    The Firewall rules shouldn't cause this problem. Even if you have no rules setup it will still connect.

    I have had problems connecting from Vista machines but when using XP its perfect.

  7. #7

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,062
    Thank Post
    160
    Thanked 920 Times in 723 Posts
    Blog Entries
    3
    Rep Power
    272
    I'm talking more from this error:

    You could not be logged on to ISA Server. Make sure that your domain name, user name, and password are correct, and then try again.
    I have had this happen to me, and it was because the ISA box could not talk to the DC so it could not autenticate.

    James.

  8. #8

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,955
    Thank Post
    886
    Thanked 1,700 Times in 1,477 Posts
    Blog Entries
    12
    Rep Power
    448
    Quote Originally Posted by EduTech View Post
    I'm talking more from this error:



    I have had this happen to me, and it was because the ISA box could not talk to the DC so it could not autenticate.

    James.
    Sorry i forgot about the exchange bit.

  9. #9

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,660
    Thank Post
    859
    Thanked 646 Times in 429 Posts
    Rep Power
    498
    @edutech - here is how my OWA rule is setup:

    To: mail.moorsidehigh.com / <internal ip of owa> / Fwd original Host header / Requests appear from ISA
    Traffic - HTTPS
    Listener - See below
    Public Name - mail.moorsidehigh.com
    Auth Delegation - Basic

    OWA Listener:
    Conntions - SSL Port 443
    certifcates - mail.moorsidehigh.com
    sso - no
    Auth - HTML FOrm Auth - LDAP (AD) - LDAP Server set - DC / <DC IP> - Login Expression = MYDOMAIN\* / DC

  10. #10

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,660
    Thank Post
    859
    Thanked 646 Times in 429 Posts
    Rep Power
    498
    1 down (OWA)... 1 to go (VPN)...

  11. #11

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,172
    Thank Post
    868
    Thanked 2,699 Times in 2,288 Posts
    Blog Entries
    11
    Rep Power
    772
    Do you have a direct unfiltered connection from your ISA box to the net and is your ISA box acting as your VPN gateway?

    This sounds like not all of the ports are avalible and/or the GRE protocol is not being fowarded. This could possibly be being held up in your router or by an upstream provider assuming your router supports GRE passthrough (protocol 47).

    Routing and Remote Access Blog : Which ports to unblock for VPN traffic to pass-through?

  12. #12

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,660
    Thank Post
    859
    Thanked 646 Times in 429 Posts
    Rep Power
    498
    @SYNACK - yep thats how its configured..
    I have seen reference to GRE in the event logs but nothing on how to resolve it - will
    check that link though

  13. #13

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,955
    Thank Post
    886
    Thanked 1,700 Times in 1,477 Posts
    Blog Entries
    12
    Rep Power
    448
    What ports are you forwarding for the VPN?

    Also is the client Vista?

    On the ISA Server try ticking only MS-CHAP for the Auth

  14. Thanks to FN-GM from:

    Gatt (5th August 2009)

  15. #14

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,062
    Thank Post
    160
    Thanked 920 Times in 723 Posts
    Blog Entries
    3
    Rep Power
    272
    Glad to hear your got OWA working

    I'll keep out of the VPN, because i couldn't set it up on ours due to our LA blocking the ports

    James.

  16. #15

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,660
    Thank Post
    859
    Thanked 646 Times in 429 Posts
    Rep Power
    498
    OK this VPN error is really getting on my t1ts..
    I have done everything that I know of to create the VPN on the ISA box and in RRAS
    I have a rule for PPTP connections, and RRAS configured for Dial-in/VPN

    But whenever I try to connect I get an error 718

    Someone mentioned GRE - but despite scouring Google I have yet to fathom how to get ISA to work

    Its not my Router as we have had VPN working all last year with no issues.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. ISA 2006 vs OWA 2007
    By Gatt in forum Internet Related/Filtering/Firewall
    Replies: 6
    Last Post: 28th July 2009, 02:51 PM
  2. Publishing OWA 2003 SSL via ISA 2006
    By Gatt in forum Windows
    Replies: 20
    Last Post: 2nd April 2009, 08:24 PM
  3. ISA Server 2006 Remote VPN
    By Michael_84 in forum Wireless Networks
    Replies: 0
    Last Post: 19th February 2008, 05:41 PM
  4. ISA 2006
    By UBBERgoose in forum Windows
    Replies: 3
    Last Post: 23rd August 2007, 09:26 AM
  5. Isa server 2006 install problems
    By phreak in forum Windows
    Replies: 3
    Last Post: 30th May 2007, 12:02 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •