Hi All,
I have a situation where OWA is published via TMG (SP3). TMG is running in single NIC mode. The OWA rule is set to pre-authentication and lets in only users from certain groups. All works fine; however, when there is a request from a user who doesn't have access, it falls to the "Last Default Rule" and returns the standard TMG deny message to his/her browser. In TMG I see this:
Denied Connection TMG01 18.6.2013 14:11:36
Log type: Web Proxy (Reverse)
Status: 12202 Forefront TMG denied the specified Uniform Resource Locator (URL).
Rule: Default rule
Source: Internal (85.195.185.83:27614)
Destination: Local Host (132.87.49.78:443)
Request: GET http://webmail.anonymous.com/owa/
Filter information: Req ID: 104c0fac; Compression: client=Yes, server=No, compress rate=0% decompress rate=0% ; FBA cookie: exists=yes, valid=yes, updated=no, logged off=no, client type=public, user activity=yes
Protocol: https
User: Internal\user.user
Additional information
Client agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Object source: (No source information is available.)
Cache info: 0x0
Processing time: 1 MIME type:
The customer requested a custom deny message to be returned to the user. I created a new deny access rule, "OWA custom message", and placed it at the bottom. The rule has the following parameters:
Action: Deny Advanced - Display denial notification to user : Custom message
Protocols: HTTP, HTTPS
From: Internal (as it is single NIC)
To: webmail.anonymous.com (Domain name set) also tried http://webmail.anonymous.com/owa*, https://webmail.anonymous.com/owa* (URL set)
Users: All Users
However, this never hits the rule and always falls to the Last Default Rule. What am I doing wrong?
Thanks