Client requests to access a published Web site are blocked when you configure ISA Server 2006 to allow direct authentication to access a published Web server

You configure a computer that is running Microsoft Internet Security and Acceleration (ISA) Server 2006 to use pass-through authentication to access a published Web server. After you do this, all client requests to access the published Web site are blocked. Additionally, you may receive an error message that resembles the following:

Error Code: 403 Forbidden. ISA Server is configured to block HTTP requests that require authentication. (12250)

• You experience this issue when you use the No delegation, but client may authenticate directly (pass-through) authentication method.
• This issue may occur even if the ISA Server 2006 computer publishes a site that requires no authentication.

This issue may occur if the following conditions are true:

• The Allow client authentication over HTTP check box in the Web listener's Advanced Authentication Options dialog box is not selected.
• The Web listener is not enabled to listen for Secure Sockets Layer (SSL) requests.

For the solution, check out the KB article here:

http://support.microsoft.com/kb/924374

HTH,

Tom

Thomas W Shinder, M.D.
Site: http://www.isaserver.org/
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
Email: [email protected]
MVP — Microsoft Firewalls (ISA)