General discussion

Locked

Exchange 2003 OWA & ISA firewall

By eporteni ·
I am running an Exchange 2003 email server at my school. Exchange 2003 is running on Windows 2003, and though I hate to say it, on our network it is sitting outside the ISA 2000 firewall. Therefor, it has a direct connection to the Internet. The exchange server is using SMTP as it's protocol. I have two network cards in this machine... one connected directly to the router and one going into the internal network. When anyone on the internal network tries to access their email using the OWA feature, they are receiving a username and password prompt for the site. The only thing that changed is that on the ISA 2000 server, for outgoing web requests, I checked the boz asking unauthenticated users for identification. This is so that on the server's reports, I can track usage by their username rather than by their IP address. When I take out the checkmark on the ISA server, it works and doesn't prompt for a username and password, but all my reporting reverts back to IP addresses. Is there a way to set up either the exchange server or the ISA server so that from inside the network it will not prompt to enter a username and password when accessing email via the OWA? From outside the network (home), it works fine.
Thanks!

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by CG IT In reply to Exchange 2003 OWA & ISA f ...

I'm missing something important here. You say your network sits outside of the ISA server, yet from your description and problem, ISA server is acting as your proxy out, because when you check the box for non authenticated users, meaning users who are not logged on to the domain and ARE NOT part of the internet users security group for authentication , ISA requires authentication. So what that tells me is that your network IS behind ISA server.

You can ADD users to the internet users security group and allow only those users internet access and install the ISA server firewall client program. that way you can track em by security group membership. also in ISA managment console on your ISA server, Servers & arrays, monitoring, application usage, client applications, properties, you can track by users. Same with web usage.

I would suggest you use the Access Policy, Site and Content rules, Internet Access Site and Content Rule properties , Applies to, that you specify a particular group that has internet access and add those users to that group. Then you can track em by group membership.

Collapse -

by eporteni In reply to

Poster rated this answer.

Collapse -

by dgolic In reply to Exchange 2003 OWA & ISA f ...

As I understand you have one mahine running Exchange 2003 and ISA Server 2000. That's no big problem if ISA Server is configured properly. The problem you are having is because of several things: You are asking for authentication on ISA Server, you're clients are web proxy clients, and you probably browse OWA with the FQDN. ISA Server considers any request with the FQDN as an internet request and forwards it to a Web proxy service which askes for auth. You can do couple of things as a workaround: 1. browse to OWA with a NetBIOS name (eg. http://server) this should bypass w3proxy service, 2. turn off the authentication (not good) or 3. put your domain name (*.domain.com) in the bypass proxy server field in internet options on clients IE, this will instruct IE to send the request for that domain directly to the requested server, and not to the proxy server.

Collapse -

by eporteni In reply to

Poster rated this answer.

Collapse -

by eporteni In reply to Exchange 2003 OWA & ISA f ...

This question was closed by the author

Back to Windows Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums