RPC over HTTP behind ISA 2004

[Jeff Vandervoort]

In this scenario, RPC over HTTP works fine--

OL2007 on WinXPSP2--Internet--SOHO router--SBS2003SP2

However in this scenario--

OL2007 on WinXPSP2--LAN--ISA2004SP2--Internet--SOHO router--SBS2003SP2

--I get prompted repeatedly for credentials by my server, but can't
authenticate.

The Win XP SP2 computer is a member of a domain that is not trusted by the
domain on which the ISA firewall is deployed (which I suspect is the
problem). It is a web proxy client to ISA. Web browsing & FTP work fine.

Firewall Client is installed on the client computer, but does not work
unless I make a VPN connection. (ISA is also RRAS server). But once I make a
VPN connection I can also use RPC over HTTP.

Is there a way to make the 2nd scenario work as a web proxy client...without
the VPN connection & FWC?

 

[Jeff Vandervoort]

More info. While running as a Web Proxy client:

OUTLOOK /RPCDIAG shows all entries as "Connecting" when behind ISA. Status
never changes.

In ISA logs, all HTTP connections from the XP client to the remote mail
server are "Allowed". When I query for connections from "External" Network
to the client, there are none. Period. No connections are Allowed, Denied or
Failed.

 

[Jeff Vandervoort]

The 2nd scenario works when I'm using a domain member with the firewall
client. So it seems to come down to being able to use the firewall client on
a computer that's a member of an untrusted domain.

Any way around that?