Comments on: About Web Listener Certificates for the ISA and TMG Firewalls http://blogs.isaserver.org/shinder/2008/05/19/about-web-listener-certificates-for-the-isa-and-tmg-firewalls/ Written by Dr Thomas W Shinder, consultant to Microsoft, HP and many Fortune 500 companies on ISA firewall and Web proxy deployments this blog is where administrators get information about ISA Server Universal Threat Management firewalls. Topics include how to manage, deploy, and troubleshoot ISA Server as a network firewall, Web proxy/Web cache, remote access VPN server and VPN gateway to provide a high level of network security for all corporate computers. Fri, 21 Nov 2008 03:30:44 +0000 http://wordpress.org/?v=MU by: Michel Calle http://blogs.isaserver.org/shinder/2008/05/19/about-web-listener-certificates-for-the-isa-and-tmg-firewalls/#comment-185677 Wed, 28 May 2008 19:30:22 +0000 http://blogs.isaserver.org/shinder/2008/05/19/about-web-listener-certificates-for-the-isa-and-tmg-firewalls/#comment-185677 Hi Thomas, We have implemented internally and in our clients the same infrastructure 1 ISA Server 20006 as Back-end Firewall (the Front-end Firewall is an appliance) 1 Exchange Server 2003 as Front-end Server 4 Exchange Server 2003 as Back-end Server The ISA Server has the GFI Web Monitor 4 We publish the OWA Server on the Front-end using the built-in Form-based authentication method inside the Web Listener on the ISA Server. We secure the publishing rule with a Self Signed Certificate (generated with Microsoft SelfSSL.exe Tool) with the public name of the site The Rule work fine internally for 4 months and in the client site 1 month The failure has the same symptom: The Site don't exist The workaround we use: Remove the certificate from Windows Certificates and install the same certificate again (not generate another certificate with the same name, we the same certificate that previously export to a PFX file). The Event Viewer don't register anything about that The Alerts on ISA Server don't say nothing The Microsoft Support site don't have anything too For the moment both sides work fine but we had 2 failures on the client and 1 internally Please Help Us Michel Hi Thomas,

We have implemented internally and in our clients the same infrastructure
1 ISA Server 20006 as Back-end Firewall (the Front-end Firewall is an appliance)
1 Exchange Server 2003 as Front-end Server
4 Exchange Server 2003 as Back-end Server
The ISA Server has the GFI Web Monitor 4
We publish the OWA Server on the Front-end using the built-in Form-based authentication method inside the Web Listener on the ISA Server.
We secure the publishing rule with a Self Signed Certificate (generated with Microsoft SelfSSL.exe Tool) with the public name of the site
The Rule work fine internally for 4 months and in the client site 1 month
The failure has the same symptom: The Site don’t exist
The workaround we use: Remove the certificate from Windows Certificates and install the same certificate again (not generate another certificate with the same name, we the same certificate that previously export to a PFX file).
The Event Viewer don’t register anything about that
The Alerts on ISA Server don’t say nothing
The Microsoft Support site don’t have anything too
For the moment both sides work fine but we had 2 failures on the client and 1 internally

Please Help Us

Michel

]]>