Web Page access over Trust Relationship/VPN

dtaylforth_at_bmcl.com.au
Date: 07/15/04

• Next message: Jeff Cochran: "Re: IIS"
• Previous message: Bart: "passing NTLM authentication to another virtual site on same IIS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 14 Jul 2004 19:14:37 -0700

Environment Overview

The Domain is a mixed environment with predominantly NT4
DC's, some Windows 2000 member servers and a Windows 2003
PDC. There are two Domains Australia (BMCL) and New
Caledonia (NEWCALEDONIA), which is a Windows 2000 Domain
running in mixed mode. There are ISA Firewalls installed
in both environments, we are utilising ISA Permanent
VPN's to provide connectivity between the Domains.

The NEWCALEDONIA Domain is using DNS for name resolution
and there is no WINS, the DNS zone is newcaledonia.local.
The BMCL Domain is using WINS and DNS for name
resolution, the DNS zone is bmcl.local. The PDC in each
Domain has a secondary copy of the alternative DNS zone.

A Domain Trust has been established between the BMCL and
NEWCALEDONIA Domains and largely appears to be
functioning correctly however a couple of issues have
been noted.

Issue

When trying to connect to "Intranet" with Internet
Explorer from clients on the NEWCALEDONIA Domain the
following error is presented.

403 Forbidden - The ISA Server denies the specified
Uniform Resource Locator (URL) (12202) Internet Security
and Acceleration Server.

If I ping "Intranet" from the client it resolves as I
would expect to intranet.bmcl.local with the correct IP
address. If the FQDN is entered into the browser then
connection will be established, but I am prompted for
user credentials, if the logged on user credentials are
entered the web pages are displayed correctly.

We would like the clients to be able to connect
to "Intranet" without having to use the FQDN and without
the need to re-enter the logged on users credentials.

---

• Next message: Jeff Cochran: "Re: IIS"
• Previous message: Bart: "passing NTLM authentication to another virtual site on same IIS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Domain Browser Updates over Trust Relationship/VPN ... The Domain is a mixed environment with predominantly NT4 ... some Windows 2000 member servers and a Windows 2003 ... the DNS zone is newcaledonia.local. ... There are no Domain Browser updates occurring between the ... (microsoft.public.windows.server.networking) Resource Access across Domains ... The Domain is a mixed environment with predominantly NT4 ... some Windows 2000 member servers and a Windows 2003 ... the DNS zone is newcaledonia.local. ... NEWCALEDONIA Domain I logged onto a PC within the BMCL ... (microsoft.public.windowsxp.network_web) Re: Exchange 2003 in an Windows 2000 AD environment ... Log File is located on your system drive, Exchange Server Setup ... > when I run forestprep on a windows 2003 server in a Windows 2000 AD ... > same procedures on a vmware environment all works well the only difference ... (microsoft.public.exchange.setup) Re: Known Notebooks Running Windows Server 2003 ... There's a good overview of building a MOSS VPC environment here: ... He is not suggesting running VS 2005 in Windows XP. ... Windows Server 2003 which in turn is used as the platform for WSS ... develope the web parts that way, rather than develope on a Windows XP ... (microsoft.public.sharepoint.portalserver) Re: Known Notebooks Running Windows Server 2003 ... And deploying your web parts to a prod environment is trivial. ... running a Virtual Machine under Windows XP and that Virtual Machine uses ... Windows Server 2003 which in turn is used as the platform for WSS ... develope the web parts that way, rather than develope on a Windows XP ... (microsoft.public.sharepoint.portalserver)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)