We went live for a bit today and ran into a problem with the MWG7. It was requiring authentication from users that were trying to connect to OWA and an site in which customers can use to pay their bills. Do I just need to add those IPs to a whitelist or is there something else I'm missing?
If you're enforcing authentication then you would normally want to exclude the URLs from authentication but customers find it more convenient to continue logging users making the request and exclude the User-Agent header from having to authenticate.
To be a little more explicit, you need to white list User-Agents from authentication hence many desktop applications such as java, media players, etc... cannot handle intergrated authentication.
You could run a network capture whilst replicating the issue and check which request is being denied due to failing to authenticate, ofcourse if this is the reason.on 1/5/11 3:48:51 PM CST
I still think a network connection or a connection tracing under Configuration > Troubleshooting will help you determine the issue.
Fixed this problem by doing a Stop Cycle for some external exceptions since our MWG7 in in-line with all incoming and outgoing traffic. Imagine that! Also, had to fix a CNAME error in DNS. Big thanks to Jon Scholton!