locked
Publish Access Edge via ISA 2006 RRS feed

  • Question

  •  

    Hi,

     

    I have installed Access Edge servers with 2 NIC as mentioned below.

     

    External NIC - DMZ IP (Public IP mapped to the DMZ IP)

     

    Internal IP - LAN IP

     

    Now the External users were able to login thru internet and were able to chat. But they get an error msg in the communicator saying "Cannot Synchronize Corporate Address Book".

     

    I have installed ISA 2006 in 2 leg perimter and configured Website publishing rule as given in the OCS Document. But still I am getting the same error. I tried to access https://externalwebfarmfqdn/Abs/Ext/Handler & https://externalwebfarmfqdn/Conf/Ext/Tshott.html but it says page cannot be displayed.

     

    To configure Commicator external Server address and to publish the Address Book I used different externalFQDN for Example sip.domain.com & abs.domain.com

     

    please help me to solve the issue

     

    Regards

    Santosh

     

     

     

    Tuesday, March 25, 2008 10:59 AM

All replies

  • You should enable logging in ISA server to check what is going on.

    I guess you might have authentication issues

     

    Tuesday, March 25, 2008 7:46 PM
  •  

    Can you please tell me how to check to it.
    Wednesday, March 26, 2008 4:06 AM
  • Sorry Guys,

     

     I had a problem with my Firewall configuration and now its corrected. But now if I try to browse https://ExternalWebfarmfqdn/Conf/Ext/Tshoot.html its giving an error "Error Code: 500 Internal Server Error. The target principal name is incorrect. (-2146893022) "

     

    Wednesday, March 26, 2008 7:53 AM
  •  

    You have published to your Internal Webserver using SSL bridging

    You must make sure that you enter the correct name for the webserver

     

    The Name must match the subject name in the Certificate of the webserver

    If you have a SAN (Subject Alternative Name list) I think you need to set it to the first entry in the list

     

    So if you publish to your internal server "web.contoso.com" with ip x.x.x.x

    Then your internal server must have a certificate that has web.contoso.com in the subject name

    or has web.contoso.com in the first entry of the SAN

     

    If web.contoso.com is not found in the certificate then you need to specify on that is on the certificate

     

    Deli

    Wednesday, March 26, 2008 2:37 PM