Dean Calvert MVP for Small Business Server had me present at the Adelaide User Group tonight. Great turnout! Presentation went fine past the first demo and all. Unfortunately my second demo failed just at the crucial time when I wanted to do a reverse publish of an Exchange OWA server. Basically the ISA box started doing a 403 Forbidden message despite the fact I had it configured correctly in ISA 2004 and that I had tested it previously and it had worked. So when I got back to my hotel I set about trying to work out why it failed. Went back to basics tried it all again...still failed. Tried adding an allow all outgoing rule from local host to external and internal just to be sure...still failing. So I reinstalled it. Reconfigured the same way I had it done before and it worked fine... I can only put it down to one of two things:
1. I added a network adapter after I installed ISA 2004 and didnt follow the Q840698 article
2. I added the machine to the Active Directory Domain I have.
The AD one of these is unlikely. I can only put it down to the addition of the network adapter. I tried to find some support articles on it but didnt find one...odd! Anyway it came up working fine after the second install. Tristan (Mr ISA)?....Anything to add about why this might have happened??
Nope, ya got me!
If your domain runs an Enterprise CA, it's possible that autoenrollment kicked in and fixed a certificate trust/naming problem - ISA's always been a stickler for trusted, properly named certs...
So with apologies that I can't pick a good theory other than that, if you hit something like this again grab ISAINFO 2004 (http://isatools.org) and run it on the box box before you fix it - we can take a look and (often) work out what was wrong with the "before" picture.
And we haf other veys too...