Microsoft Exchange Client Access server “%1” attempted to proxy Outlook Web Access traffic to Client Access server “%2”. This failed because “%2” did not respond. Outlook Web Access will attempt to proxy this traffic to Client Access server “%3” in the same Active Directory site.Additional information: %4.

Details
Product: Exchange
Event ID: 39
Source: MSExchange OWA
Version: 8.0
Symbolic Name: ProxyErrorCASFailoverTryNextOne
Message: Microsoft Exchange Client Access server “%1” attempted to proxy Outlook Web Access traffic to Client Access server “%2”. This failed because “%2” did not respond. Outlook Web Access will attempt to proxy this traffic to Client Access server “%3” in the same Active Directory site.Additional information: %4.
   
Explanation

This Error event indicates that Microsoft Office Outlook Web Access could not proxy a request from a computer that is running the Client Access server role to a Client Access server that is located in a different Active Directory directory service site. To try to resolve this issue, Microsoft Exchange has proxied the request to an alternative Client Access server in the same Active Directory site as the Client Access server that failed. This error may be caused by the network connectivity issues between this Client Access server and the remote Client Access server.

For more information about Outlook Web Access proxying and redirection, see Understanding Proxying and Redirection.

   
User Action

To resolve this error, take one or more of the following steps:

  • Use the Ping or PathPing command-line tools to test basic connectivity. Use Ping to isolate network hardware problems and incompatible configurations. Use PathPing to detect packet loss over multiple-hop trips. For more information, see Microsoft Knowledge Base article 325487, How to troubleshoot network connectivity problems.

  • Review the Application and System event logs for network-card-related events or connectivity-related events.

  • Check to see whether other computers that use the same default gateway and are plugged into the same hub or switch have also experienced connectivity problems. If the other computers connected to the same default gateway have not experienced network connectivity problems, the problem may be caused by a network adapter issue on a single computer. If this is the case, try to resolve this issue by following one or more of these steps:

    • Replace the network adapter with a network adapter that has been tested and proven reliable.

    • Update the driver for the network adapter driver to the latest version.

    • Replace the network cable between the system that failed and the hub or switch.

  • Check the settings on the network adapter and uplink hardware. The uplink hardware is the hub or switch that is used by the computer that has the Unified Messaging server role installed. Make sure that all network hardware is configured correctly by following these steps:

    • Make sure that the speed and duplex-level settings are the same on all network hardware.

    • If the media type is set to autosense, autosensing, autodetect, or Auto Select, make sure that all components autosense correctly.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related:

The RPC over HTTP Proxy component is not installed or is not configured correctly. Use the Windows Component Wizard to add the RPC over HTTP Proxy component to the Networking Services.

Details
Product: Exchange
Event ID: 2003
Source: MSExchange RPC Over HTTP Autoconfig
Version: 8.0
Symbolic Name: ProxyNotInstalled
Message: The RPC over HTTP Proxy component is not installed or is not configured correctly. Use the Windows Component Wizard to add the RPC over HTTP Proxy component to the Networking Services.
   
Explanation

This Error event indicates that the RPC over HTTP Proxy component of the Networking Services is not installed or is configured incorrectly. The Outlook Anywhere feature requires the RPC over HTTP Proxy component to be installed on the Exchange Client Access server. When the RPC over HTTP component is installed and the Secure Sockets Layer (SSL) certificate for the default Web site is configured appropriately, the RPC over HTTP Autoconfiguration component sets and maintains the remaining required Exchange Client Access server configuration.

   
User Action

To resolve the error, follow these steps on the Exchange Client Access server:

  1. From Add or Remove Programs, select Add/remove Windows Components.

  2. If the RPC over HTTP component of the Networking Services is not installed, use the Windows Components Wizard to add the RPC over HTTP proxy component.

    Note   After the component is installed, it may take 15 minutes before the Exchange Client Access server is fully configured for Outlook Anywhere operation.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related:

An Access-Request was received from client %1 with a signature attribute that is not valid.

Details
Product: Windows Operating System
Event ID: 18
Source: IAS
Version: 5.0
Symbolic Name: RADIUS_E_INVALID_SIGNATURE
Message: An Access-Request was received from client %1 with a signature attribute that is not valid.
   
Explanation

This event record indicates that there is a problem with either the shared secrets or a RADIUS proxy server.

   
User Action

The person with administrative rights on the computer needs to verify that the secrets on the client network access and RADIUS servers match exactly. There are a few rules you must follow for successful shared secrets. Shared secrets:

  • Must be exactly the same on both servers.
  • Are case-sensitive.
  • Can use any standard alphanumeric and special characters. Using combinations of uppercase and lowercase letters, numbers, and special characters will make the shared secrets more secure.
  • Can be up to 255 characters long. Long shared secrets are more secure than shorter ones.

If the shared secrets match, the problem may be with the RADIUS proxy server. Contact the RADIUS proxy manufacturer for assistance.

Related:

Configure your Bluemix Node.js authorization proxy to communicate with the user

In this article, you learn how a mostly transparent proxy can produce
pop-up messages to communicate with the user. You send the user a small script
that asks the proxy every second if there are any messages for it. When it
gets a message, it covers the screen until the message is acknowledged. Using
this technique, an authorization proxy can inform the user when an attempted
action is unauthorized, and how to get authorization for it.

Related:

WebSphere proxy server routing capabilities in a secured environment

This article discusses the various routing capabilities of the WebSphere
proxy server, which is a feature of IBM WebSphere Application Server Network
Deployment. Multiple configuration scenarios are presented, along with
background information, setup
instructions and tips to help you achieve success routing content using proxy
server features in a secured environment.

Related:

How can I prevent squid from being detected?

I’ve set up a proxy server on AWS in the US in order to allow me to browse the american internet from the UK, however I would like to hide this so that the reverse end cannot detect I am using squid. Is this possible, and if so, how?

Related:

Nginx proxy by Request Method

Is it possible/how can I configure an Nginx location block to proxy to different backends depending on the request method (ie. GET/POST)?

The reason is, I am currently handling the 2 methods at 2 different URLs (one via http proxy and the other via fcgi) and am trying to make it more “REST”ful so, would ideally like the GETting the resource to return the list, while POSTing to the same resource should add to the list.

Related:

502: proxy: pass request body failed

Sometimes I get the following error (in apache’s error.log) when viewing my site over https:

(502)Unknown error 502: proxy: pass request body failed to xxx.xxx.xxx.xxx:443

I’m not entirely sure what this is and why it happens, it’s also not consistent.

The request route is:

  • Browser
  • Proxy server (apache with mod_proxy + mod_ssl)
  • Load balancer (aws)
  • Web server (apache with mod_ssl)

The configuration on the proxy server is as follows:

<VirtualHost *:443>
    ProxyRequests Off
    ProxyVia On

    ServerName                      www.xxx.co.uk
    ServerAlias                     xxx.co.uk

    <Directory proxy:*>
        Order deny,allow
        Allow from all
    </Directory>

    <Proxy *>
        AddDefaultCharset off
        Order deny,allow
        Allow from all
    </Proxy>

    ProxyPass / balancer://cluster:443/ lbmethod=byrequests
    ProxyPassReverse / balancer://cluster:443/
    ProxyPreserveHost off

    SSLProxyEngine On
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile /var/www/vhosts/xxx/ssl/www.xxx.co.uk.cert
    SSLCertificateKeyFile /var/www/vhosts/xxx/ssl/www.xxx.co.uk.key

    <Proxy balancer://cluster>
        BalancerMember https://xxx.eu-west-1.elb.amazonaws.com
    </Proxy>

</VirtualHost>

Any idea what the issue might be?

Related: