"The ISA Server denies the specified Uniform Resource Locator (URL)" error message when a client tries to connect to the Internet through ISA Server 2006 or through ISA Server 2004 (837451)



The information in this article applies to:

  • Microsoft Internet Security and Acceleration Server 2004, Standard Edition
  • Microsoft Internet Security and Acceleration Server 2006 Enterprise Edition
  • Microsoft Internet Security and Acceleration Server 2006 Standard Edition
  • Microsoft Internet Security and Acceleration Server 2004, Enterprise Edition

For a Microsoft Internet Security and Acceleration Server 2000 version of this article, see 270395.

SYMPTOMS

After you install Microsoft Internet Security and Acceleration (ISA) Server 2006 or after you install ISA Server 2004, when a client browser tries to connect to aWeb address, the client may receive the following error message:
Error Code: 502 Proxy Error. The ISA Server denies the specified Uniform Resource Locator (URL).

CAUSE

This behavior occurs because the firewall does not permit any traffic after the initial installation of ISA Server is complete. By default, when you install ISA Server, a default rule is created that denies all access to and from all networks. This default rule cannot be modified or deleted. The default rule is always processed last.

RESOLUTION

To resolve this behavior, you must set up firewall policy rules that permit traffic. To do so, follow these steps:
  1. Click Start, point to Programs, point to Microsoft ISA Server, and then click ISA Server Management.
  2. In the left pane, click ServerName, where ServerName is the name of your ISA Server computer.
  3. In the middle pane, under Getting Started, click View and Create Firewall Policy Rules.
  4. In the right pane, click the Tasks tab.
  5. Click Create New Access Rule.

    Note In ISA Server 2006, click Create Access Rule.
  6. Follow the steps in the New Access Rule Wizard to create an access rule that permits the traffic that you specify.

STATUS

This behavior is by design.

Modification Type:MajorLast Reviewed:9/29/2006
Keywords:kbISA2006Swept kbFirewall kbenv kberrmsg kbprb KB837451 kbAudITPRO