In the console tree of ISA Server Management, click Firewall Policy.
On the Toolbox tab, click Network Objects.
Expand Web Listeners, and then click the applicable Web listener.
On the toolbar beneath Network Objects, click Edit.
On the RSA SecurID tab, verify that Send SecurID cookie to upstream server is selected.
Notes
To open ISA Server Management, click Start, point to All Programs, point to Microsoft ISA Server, and then click ISA Server Management.
For ISA Server 2006 Enterprise Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Arrays, expand Array_Name, and then click Firewall Policy.
For ISA Server 2006 Standard Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Server_Name, and then click Firewall Policy.
Important
If you do not select this option, ISA Server removes the
SecurID cookie from the header, and invalid cookies are forwarded
to the Outlook Web Access server that is being published. When ISA
Server is configured to use SecurID authentication, forms-based
authentication will not function as expected, because forms-based
authentication requires its own cookie to identify the client.
After the client successfully authenticates to ISA Server and to
the Outlook Web Access server, Internet Explorer sends both cookies
to ISA Server, on the same cookie header. ISA Server removes the
SecurID cookie from the header and alters the remaining cookies so
that they are invalid. The Outlook Web Access server does not
receive the required credentials, and presents the forms-based
authentication form to the client again.
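To confirm the symptom described above when troubleshooting, compare the Cookie header the client sent with the one logged at the Outlook Web Access server. The following is an added example, not Microsoft's code; the cookie names and values are constructed placeholders, so substitute the names seen in your own captures.

```python
# Added diagnostic example. Cookie names and values are constructed
# placeholders, not the real names used by SecurID or Outlook Web Access.
SECURID_COOKIE = "securid_placeholder"
FBA_COOKIE = "owa_fba_placeholder"

# Constructed sample headers: what the browser sent, and two upstream captures.
CLIENT = "securid_placeholder=AAA111; owa_fba_placeholder=BBB222"
UPSTREAM_OPTION_CLEARED = "owa_fba_placeholder=BBB2"
UPSTREAM_OPTION_SELECTED = CLIENT


def parse_cookie_header(header):
    """Parse a Cookie request header into a name -> value dict."""
    cookies = {}
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep and name:
            cookies[name] = value
    return cookies


def compare_cookie_headers(client_header, upstream_header):
    """Classify each client cookie by what happened to it on the way upstream."""
    sent = parse_cookie_header(client_header)
    got = parse_cookie_header(upstream_header)
    return {
        "intact": sorted(n for n in sent if got.get(n) == sent[n]),
        "removed": sorted(n for n in sent if n not in got),
        "altered": sorted(n for n in sent if n in got and got[n] != sent[n]),
    }


def diagnose(client_header, upstream_header,
             securid_cookie=SECURID_COOKIE, fba_cookie=FBA_COOKIE):
    """Return a verdict for the forms-based authentication re-prompt symptom."""
    diff = compare_cookie_headers(client_header, upstream_header)
    if securid_cookie in diff["removed"] and fba_cookie not in diff["intact"]:
        return "securid-stripped"   # matches the behavior when the option is cleared
    if securid_cookie in diff["intact"] and fba_cookie in diff["intact"]:
        return "ok"                 # both cookies reached the published server
    return "inconclusive"


if __name__ == "__main__":
    print(diagnose(CLIENT, UPSTREAM_OPTION_CLEARED))
    print(diagnose(CLIENT, UPSTREAM_OPTION_SELECTED))
```

A "securid-stripped" verdict points back to the Send SecurID cookie to upstream server setting on the Web listener.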