Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ISA550 - cannot load local OWA server

Hi there, one of our customers has an ISA550 installed. Everything working ok and now suddenly they cannot access their OWA server on their own LAN using the domain name or external IP. If they use the local link (http://192.168.1.100/owa) then it works.

I can access the OWA using the domain name and external IP fine from externally but internally it doesnt work

I have looked through all the settings i can think of on the ISA550 and cannot find anything.

Anyone able to assist with this?

Many thanks!

Everyone's tags (6)
3 REPLIES

ISA550 - cannot load local OWA server

Daniel,

Most likely this is a DNS issue.  If you're using DHCP via the ISA and it's providing itself at the DNS server then it is just forwarding DNS requests to the DNS servers assigned to the ISA.  For example if owa.domain.com points to 1.1.1.1 on the internet but the private IP of the Exchange server is 192.168.1.100, then when an internal user requests owa.domain.com the DNS request is sent to the ISA which inturn forwards it to it's public DNS server(s) which returns 1.1.1.1.  Since the internal user can't access 1.1.1.1 internally, since the ISA doesn't support Aliasing, the user can't access the page.  Aliasing allows in transit conversions.  An example would be telling it that requests for 1.1.1.1 should be aliased to 192.168.1.100.  As I mentioned, that's not supported in the ISA.

Does the client have an internal server that can provide DNS (i.e. Windows Server)?  The best method for managing all of this is to have the clients point to an internal DNS server, not the ISA.  Then have the internal DNS server forward any requests for domains it doesn't manage to the ISA which the ISA will forward and so on.  If you're running Active Directory, then using an internal DNS server is actually a necessity to prevent problems.  If you're not running Active Directory but have hosted services (i.e. OWA) that need to be accessible internally and externally, then an internal DNS server is still truly needed.

Shawn Eftink
CCNA/CCDA

Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.

Shawn Eftink CCNA/CCDA Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.

ISA550 - cannot load local OWA server

Daniel,

I was out doing some additional reading on the ISA500 and I may have found a solution.  It looks like Aliasing is the wrong term.  That's what it was called back in the days of the PIX and I haven't had a need for it for a long time.  It appears to now be referred to as NAT Hairpinning.  See page 272 of the link below on how to set that up.  If you wouldn't mind, let us know how that works out.

http://www.cisco.com/en/US/docs/security/small_business_security/isa500/administration/guide/ISA500_AG_OL-23370.pdf

Shawn Eftink
CCNA/CCDA

Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.

Shawn Eftink CCNA/CCDA Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.
New Member

ISA550 - cannot load local OWA server

This did the trick for me.  Thank you!!

965
Views
5
Helpful
3
Replies