+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 16
Wireless Networks Thread, ISA Server 2000 & Linux based clients in Technical; We have windows Small business server 2003 installed with ISA server 2000. All the windows based clients work fine with ...
  1. #1

    Join Date
    Apr 2008
    Location
    Delhi
    Posts
    6
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Angry ISA Server 2000 & Linux based clients

    We have windows Small business server 2003 installed with ISA server 2000. All the windows based clients work fine with no problem in accessing internet or using email clients. The problem is with Linux based clients (Fedora core -6). The problems are following -
    1. If the browser is configured to use the proxy, internet can be used without any problem however the users fail to browse the internal websites (e.g. EduGeek.net, etc) (created by adding cnames). IF the proxy settings are removed, the internet cannot be accessed but all the internal websites works fine
    2. Evolution email client does not work at all (the connections time out)
    I am new to Linux and therefore have failed to resolve the problem till date. Any help in this regard would be highly appreciated.

  2. #2

    Join Date
    May 2007
    Location
    Hull, UK
    Posts
    256
    Thank Post
    6
    Thanked 13 Times in 13 Posts
    Rep Power
    17
    Im not a linux guru but i assume its the same as windows settings, if your websites are referenced internal (why you'd do this for external sites i dont know?) you will have to put an exception in the browser to bypass the proxy for those sites, this is under Proxy settings in IE and Network settings in Firefox.

  3. Thanks to mcloum from:

    Rajesh (18th April 2008)

  4. #3

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,800
    Thank Post
    110
    Thanked 582 Times in 503 Posts
    Blog Entries
    1
    Rep Power
    223
    There should also be a way to instruct the proxy that the sites are internal. So it can see them too. That way you don't need exceptions. On squid you use the 'always_direct' configuration setting to do this, but I'm not familar with ISA server so I can't help there.

  5. #4

    sparkeh's Avatar
    Join Date
    May 2007
    Posts
    6,259
    Thank Post
    1,138
    Thanked 1,463 Times in 980 Posts
    Blog Entries
    22
    Rep Power
    457
    Not an expert with ISA but we have ISA 2003 at one of my schools that I have some knowledge of.

    I think we achieved this by having a two web chaining rules.
    The first is set to retrieve certain URLs directly. To do this create a new rule, under the 'Action' tab select the option to 'retrieve directly' (or words to that effect). Under the 'To' tab you choose the traffic to apply this to. Here you can add a new URL set that contains the local URLs. Thats it really.
    The second rule should pick up everything else and send it to the upstream proxy.

  6. #5

    Join Date
    Apr 2008
    Location
    Delhi
    Posts
    6
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Smile Internal site problem solved

    Quote Originally Posted by mcloum View Post
    Im not a linux guru but i assume its the same as windows settings, if your websites are referenced internal (why you'd do this for external sites i dont know?) you will have to put an exception in the browser to bypass the proxy for those sites, this is under Proxy settings in IE and Network settings in Firefox.
    I made the changes as suggested and now the internal sites are working fine. However, the problem with evolution remains as it was. Thanks for your nice suggestion.

  7. #6

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,582
    Thank Post
    107
    Thanked 761 Times in 592 Posts
    Rep Power
    179
    What kind of server are you trying to connect to with Evolution? Where is the server?

  8. #7

    Join Date
    Apr 2008
    Location
    Delhi
    Posts
    6
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by Ric_ View Post
    What kind of server are you trying to connect to with Evolution? Where is the server?
    The servers are live with windows server 2003 and Argosoft email server installed on it

  9. #8

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,582
    Thank Post
    107
    Thanked 761 Times in 592 Posts
    Rep Power
    179
    Quote Originally Posted by Rajesh View Post
    The servers are live with windows server 2003 and Argosoft email server installed on it
    What protocol are you using (POP3/IMAP) and are the servers on your domain?

    If the servers are remote, you need an ISA rule allowing traffic to the address(es) of the servers for the type of protocol you want to use.

    If you are trying to use IMAP, make sure that it is supproted at the server - only the pro version supports this from what I can see.

  10. #9

    Join Date
    Apr 2008
    Location
    Delhi
    Posts
    6
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Unhappy Mail server protocol

    Quote Originally Posted by Ric_ View Post
    What protocol are you using (POP3/IMAP) and are the servers on your domain?

    If the servers are remote, you need an ISA rule allowing traffic to the address(es) of the servers for the type of protocol you want to use.

    If you are trying to use IMAP, make sure that it is supproted at the server - only the pro version supports this from what I can see.
    We are using POP3 protocol for our email server and the servers are hosted. Please note that we use ISA server 2000 on our local server and all the workstations have ISA server 2000 client installed on them with static IP (i.e. DHCP is not being used) and the outlook doen not have any problem receiving or sending emails. The two workstations that have Fedora core 6.0 installed do not have any client for ISA server 2000and hence the probelm.

  11. #10

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,582
    Thank Post
    107
    Thanked 761 Times in 592 Posts
    Rep Power
    179
    Try using the logging tools in ISA to watch what happens when you try to connect from one of these machiens. It should say what rule is denying the traffic.

  12. #11

    Join Date
    Apr 2008
    Location
    Delhi
    Posts
    6
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Angry

    Quote Originally Posted by Ric_ View Post
    Try using the logging tools in ISA to watch what happens when you try to connect from one of these machiens. It should say what rule is denying the traffic.
    No entry found in the ISA log. Message from evolution - Connection timed out

  13. #12

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,582
    Thank Post
    107
    Thanked 761 Times in 592 Posts
    Rep Power
    179
    Do you have the ISA server's internal IP address set as the default gateway? This should force the traffic through.

    Make sure that DNS resolved correctly for your mail server (or use the IP address instead).

  14. #13

    Join Date
    Apr 2008
    Location
    Delhi
    Posts
    6
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by Ric_ View Post
    Do you have the ISA server's internal IP address set as the default gateway? This should force the traffic through.

    Make sure that DNS resolved correctly for your mail server (or use the IP address instead).
    First of all accept my heartiest thanks for the eagerness you have shown in sorting out the problem.
    Yes, ISA server's internal IP address is being used as the default gateway.
    Extra info for you -
    when the following command is issued from the linux terminal -
    telnet domain.com 25 or telnet domain.co 110
    It resolves the IP of the said domain but after a fixed interval of time, it displays the message - Connection timed out

  15. #14

    Join Date
    May 2007
    Location
    Hull, UK
    Posts
    256
    Thank Post
    6
    Thanked 13 Times in 13 Posts
    Rep Power
    17
    I think i may have a solution for you which i will post tonight or tomorrow. Its probably due to your server having authentication turned which can be troublesome especially if its NTML authentication (I couldnt get linux out through the firewall with it on) I was messing about trying to get my ipod and one of the teachers iphones onto the internet and i managed to get it working. I will post the details soon as im leaving for the day now.

  16. #15

    Join Date
    Oct 2007
    Location
    Manchester, UK
    Posts
    19
    Thank Post
    3
    Thanked 1 Time in 1 Post
    Rep Power
    0
    NTLMaps is an awesome tool to get a Linux box to speak with a server using NTLM authentication, got mine working nicely through ISA2006.
    If it is NTLM authentication stopping you then that will work for you.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Windows Server 2000 DC to Server 2008 DC
    By ZeroHour in forum Windows Server 2008
    Replies: 9
    Last Post: 25th March 2008, 10:57 PM
  2. Linux Server & XP Clients
    By rjsmith in forum *nix
    Replies: 3
    Last Post: 9th November 2007, 10:10 AM
  3. Assinging printers to clients based on OU
    By originofsymmetry in forum Network and Classroom Management
    Replies: 3
    Last Post: 11th July 2007, 06:02 AM
  4. Replies: 17
    Last Post: 27th January 2007, 03:21 PM
  5. OpenFilter - Linux based SAN distro.
    By Geoff in forum *nix
    Replies: 4
    Last Post: 24th September 2006, 08:47 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •