Redirect http to https on OWA IIS6.0 not working externally - chautran99 |
12-Dec-06 07:02:51
|
I mean DNS not DBS.
chautran...@gmail.com wrote: |
 |
| |
Redirect http to https on OWA IIS6.0 not working externally - Phillip Windell |
13-Dec-06 01:25:40
|
Publish OWA with both HTTP and HTTPS. ISA does *not* do the redirect.
Both HTTP and HTTPS have to work through the ISA Web Publishing for the
Redirect to work.
The redirect is done by IIS on the Exchange box.
How to redirect to a secure exchange virtual directory and enable
Forms-based authentication
http://support.microsoft.com/kb/555053
Note: Do *NOT* enable Forms-Based Authentication like the article says. The
article is not written with ISA in mind. The Forms Based Auth is done on the
IS *only*.
----In case you missed that part the first time----
Note: Do *NOT* enable Forms-Based Authentication like the article says. The
article is not written with ISA in mind. the Forms Based Auth is done on the
IS *only*.
--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
The views expressed are my own (as annoying as they are), and not those of
my employer or anyone else associated with me.
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html
Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc
Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp
Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
Deployment Guidelines for ISA Server 2004 Enterprise Edition
http://www.microsoft.com/technet/prodtechnol/isa/2004/deploy/dgisaserver.mspx
----------------------------------------------------- |
 |
| |
Redirect http to https on OWA IIS6.0 not working externally - chautran99 |
14-Dec-06 12:34:22
|
Phillip Windell wrote: |
 |
| |
Redirect http to https on OWA IIS6.0 not working externally - gershon |
20-Dec-06 03:26:01
|
Hi,
ISA Server 2006 now supports HTTP to HTTPS redirection.
For more information on publishing Exchange 2003 with ISA Server 2006, you
can take a look at the following paper,
http://www.microsoft.com/technet/isa/2006/deployment/exchange2003.mspx.
--
Thanks,
Gershon Levitz
ISA Server Product Team
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights. |
 |
| |
Redirect http to https on OWA IIS6.0 not working externally - Phillip Windell |
20-Dec-06 02:09:37
|
Doesn't that still leave http on the external side? The address bar in the
user's browser still says "http"? Meaning that the SSL only exists between
the ISA and the OWA but not between the ISA and the user?
I've only dealt with this in ISA2004 but redirecting with ISA gave bad
results, so I had to do the redirect using an ASP file on the Exchange's IIS
to do the redirect. So if the user came through the Http Publishing Rule the
ASP files redirected to the "https" URL causing the user's browser to send a
new request through the SSL Publishing Rule.
--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
The views expressed are my own (as annoying as they are), and not those of
my employer or anyone else associated with me.
----------------------------------------------------- |
 |
| |
Redirect http to https on OWA IIS6.0 not working externally - gershon |
21-Dec-06 11:28:00
|
Yes you will have HTTP and HTTPS selected in the Web listner, and you would
then select "Redirect all traffic from HTTP to HTTPS". When you do this all
traffic from the client to the ISA server that is HTTP will be redirected as
HTTPS. So if the user enters http://mail.contoso.com/exchange the user would
be redirected to https://mail.contoso.com/exchange. So the traffic betwen the
client and the ISA server is secured.
For more information see
http://www.microsoft.com/technet/isa/2006/secure_web_publishing.mspx#AppendixA
--
Thanks,
Gershon Levitz
ISA Server Product Team
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights. |
 |
| |
Redirect http to https on OWA IIS6.0 not working externally - Phillip Windell |
22-Dec-06 04:24:16
|
OK, very good.
Was my ISA2004 approach (and results) correct? So this way you describe is
unique to ISA2006?
--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
The views expressed are my own (as annoying as they are), and not those of
my employer or anyone else associated with me.
----------------------------------------------------- |
 |
| |
Redirect http to https on OWA IIS6.0 not working externally - hasselboxste |
24-Jan-07 11:53:44
|
Is there a way to allow the web server being published to specify HTTP
or HTTPS...
For example, a public website that allows browsing over HTTP, but has
login pages that will redirect the user to an HTTPS connection.
With the 3 redirect options in ISA 2006, it seems I can have one or the
other but not both.
Thanks for any suggestions. |
 |
| |
Redirect http to https on OWA IIS6.0 not working externally - Phillip Windell |
24-Jan-07 12:07:20
|
It may require multiple publishing rules laid out in a specific order.
But I'm going to have to think about this one.
If anyone knows how to deal with it,...jump in, the water's warm...
Is there any more specific information you can give?
--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
The views expressed are my own (as annoying as they are), and not those of my
employer or anyone else associated with me.
----------------------------------------------------- |
 |
| |
Redirect http to https on OWA IIS6.0 not working externally - Phillip Windell |
24-Jan-07 12:14:17
|
Looking in the MMC on my Lab machine,...it looks to me that you would publish
the site as if the whole thing was SSL,...then in the Bridging Tab of the
Publishing Rule you would select both HTTP and HTTPS and ISA would handle it
accordingly. Your Listener of course, would have to accept both HTTP and HTTPS.
...still welcoming insight from others...
--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
The views expressed are my own (as annoying as they are), and not those of my
employer or anyone else associated with me.
----------------------------------------------------- |
 |
| |
Redirect http to https on OWA IIS6.0 not working externally - hasselboxste |
24-Jan-07 02:10:25
|
This MS article... http://support.microsoft.com/kb/924373 describes
what is happening, although neither of the two workarounds are what I
need/want to do, because they force the entire site into HTTPS. In my
case, a login secured portion of the site is HTTPS/SSL based. I tend
to see this setup in e-commerce sites... for example amazon. You
browse their catalog in HTTP. At the point you proceed to their
checkout - you get directed into HTTPS.
I had an ISA 2004 installation that was upgraded to ISA 2006 where this
was working properly. I remember encountering the same issues - but
unfortunately not the fix (which was accomplished with a single rule).
I have since moved to a new ISA 2006 appliance, with entirely new
configuration... and can't get this to function properly.
It's as if there should be a 4th option within the listener's
connection tab - "allow HTTP to HTTPS redirection"
I'd be happy to provide more specific information - if it would help. |
 |
| |
Redirect http to https on OWA IIS6.0 not working externally - hasselboxste |
27-Jan-07 03:28:33
|
I was able to get this to work, under one WEB server publishing rule.
I needed the ability to get HTTP->HTTPS and HTTPS->HTTP.
In my case, the webserver was dictating HTTP or HTTPS via
Response.Redirect commands in ASP.NET.
To accomplish this i useded link translation, adding two "do-nothing"
items:
orginal - trans
https://servername - https://servername
http://servername - http://servername
This was based off the following MS article, which only helped me get
from HTTP to HTTPS, but not HTTPS to HTTP, for that i needed the
second mapping:
http://support.microsoft.com/kb/924373
I hope this info can save someone else time in the future. |
 |
| |
re: Redirect http to https - jules |
27-Feb-07 09:56:35
|
Question directed more at "hasselboxste". I am having the same problem as you posted on 24Jan. The difference is that we are not using IIS but MOSS 2007. Like you I want to force the login page only to SSL. How can this be done in ISA2006? |
 |
| |