MsExchange Blog Spot Telnet25

September 2, 2009

RSA & OWA (2007) Two Factor Authentication with ISA 2006

Filed under: General — telnet25 @ 7:10 pm

Here is part two, where we continue troubleshooting the implementation of RSA with ISA 2006 and Exchange 2007 CAS servers.

As I said earlier in Part 1, don’t bother to poke around if you cannot make SDTEST.exe work, because the rest of the steps won't work, and in the end you will need the local secret to be copied from.

In the previous post we were getting “106-web-server-is-busy-try-again”, and when we tried to use SDTEST.exe from the ISA 2006 server we started getting:

Problem: cannot communicate with RSA ACE/Server

Possible cause: you have two NICs on the ISA server, one public and the other for internal communication. The test utility does not know to use the internal NIC, uses the external NIC instead, and hence cannot even start communicating with the RSA server. If you go to the Application event log you will notice ACECLIENT errors.

Make sure SDTEST knows which interface to use, so add a static route to your ISA servers as needed (see Part 1 for details).

If the static route is there and this time you are getting “Access Denied”, yet you know the user name and passcode are correct, check the following:

Add the following String Value registry entry on each ISA array member, then restart “wspsrv.exe”:

  • Value name: PrimaryInterfaceIP
  • Key: HKEY_LOCAL_MACHINE\Software\SDTI\AceClient
  • The string value of PrimaryInterfaceIP is the IP address assigned to the interface that communicates with the RSA server.


After restarting the firewall service, test once more. Bingo, it works.
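The registry change and restart above, scripted for each array member, as an added example that is not part of the original post. The parameter names and the sample address are made up for illustration, and `fwsrv` is assumed to be the name of the Microsoft Firewall service that runs wspsrv.exe.

```powershell
# Added example: pin the RSA agent to the internal interface on a multihomed ISA member.
param(
    [Parameter(Mandatory = $true)]
    [string]$InternalIP,              # e.g. 10.0.0.5 (constructed sample address)
    [string]$ServiceName = 'fwsrv'    # assumption: Microsoft Firewall service (wspsrv.exe)
)

$key  = 'HKLM:\SOFTWARE\SDTI\AceClient'
$name = 'PrimaryInterfaceIP'

# Refuse an address that is not bound to a local IP-enabled adapter. A typo here
# reproduces the "cannot communicate with RSA ACE/Server" symptom.
$localIPs = Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
    ForEach-Object { $_.IPAddress }
if ($localIPs -notcontains $InternalIP) {
    throw "$InternalIP is not assigned to any interface on $env:COMPUTERNAME. Found: $($localIPs -join ', ')"
}

# Create the key if it does not exist yet.
if (-not (Test-Path $key)) {
    New-Item -Path $key -Force | Out-Null
}

# Skip the write and the restart when the value is already correct.
$current = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name
if ($current -eq $InternalIP) {
    Write-Host "$name is already $InternalIP on $env:COMPUTERNAME; no change made."
    return
}

# Write the value as a String (REG_SZ), as the post specifies.
New-ItemProperty -Path $key -Name $name -Value $InternalIP -PropertyType String -Force | Out-Null

# Restart the firewall service so the agent picks up the new value.
Restart-Service -Name $ServiceName -Force

$written = (Get-ItemProperty -Path $key -Name $name).$name
Write-Host "$name set to $written (was: '$current'); $ServiceName restarted. Re-run SDTEST.exe to confirm."
```

Run it from an elevated prompt on every array member, passing that member's own internal address each time.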


oz Casey Dedeal,

MVP (Exchange)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +

Http://smtp25.blogspot.com (Blog)

Http://telnet25.spaces.live.com (Blog)

Http://telnet25.worldpress.com (Blog)
