SSRS Export to Excel not working through VPN (Juniper SA4000)
- by Veynom
We have a SharePoint (MOSS 2007 on Win2003 R2) with SSRS reports (from SQL 2005) embedded in it.
When we connect to the SharePoint portal through our VPN (firewall is Juniper SA4000) and using Internet Explorer (6, 7, and 8) and try to export any SSRS report under Excel, we get an error message:
Internet Explorer cannot download .
Internet Explorer was not able to open the internet site. The requested site is either unavailable or cannot be found. Please try again later.
When not using the VPN (LAN from the office), everything (exporting under Excel) works fine.
When using Firefox through the VPN, it works fine.
When exporting to any other format (pdf or text or whatever), everything is fine under both IE and FF.
Our firewall people suspect something in SSRS/MOSS/Office. Our MOSS consultants suspect something in the firewall Juniper SA4000.
When using Fiddler and when not connected through VPN, I see the following traffic once i click on the "Export button":
(Response was a request for client credentials)
GET /ReportServer/Reserved.ReportViewerWebControl.axd?ExecutionID=j1pqbvbqkb34qf45fhlgnx55&ControlID=733607a7d607476abb1e6b8794202158&Culture=127&UICulture=9&ReportStack=1&OpType=Export&FileName=Product+Application+Report&ContentDisposition=OnlyHtmlInline&Format=EXCEL HTTP/1.1
Accept: */*
Accept-Language: en-US,fr-be;q=0.5
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB5; .NET CLR 2.0.50727; .NET CLR 1.1.4322; InfoPath.2; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; MS-RTC LM 8; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: r1frchcurdb01.r1.group.corp
HTTP/1.1 401 Unauthorized
Content-Length: 1656
Content-Type: text/html
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Mon, 08 Jun 2009 09:25:21 GMT
Proxy-Support: Session-Based-Authentication
then (Generic Response successful):
GET /ReportServer/Reserved.ReportViewerWebControl.axd?ExecutionID=j1pqbvbqkb34qf45fhlgnx55&ControlID=733607a7d607476abb1e6b8794202158&Culture=127&UICulture=9&ReportStack=1&OpType=Export&FileName=Product+Application+Report&ContentDisposition=OnlyHtmlInline&Format=EXCEL HTTP/1.1
Accept: */*
Accept-Language: en-US,fr-be;q=0.5
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB5; .NET CLR 2.0.50727; .NET CLR 1.1.4322; InfoPath.2; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; MS-RTC LM 8; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: r1frchcurdb01.r1.group.corp
Authorization: Negotiate YIIIewYGKwYBBQUCoIIIbzCCCGugJDAiBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKwYBBAGCNwICCqKCCEEEggg9YIIIOQYJKoZIhvcSAQICAQBugggoMIIIJKADAgEFoQMCAQ6iBwMFACAAAACjggdNYYIHSTCCB0WgAwIBBaEPGw1SMS5HUk9VUC5DT1JQoi4wLKADAgECoSUwIxsESFRUUBsbcjFmcmNoY3VyZGIwMS5yMS5ncm91cC5jb3Jwo4IG+zCCBvegAwIBF6EDAgEKooIG6QSCBuUaO7Wi3upEDz+lNA+GLwydOvR57pEzpN0hzKoBe4T6YCx8g05XW4A2cD3P29EuWz2fZiPeHFs8HYYCm7YLkXoKMayzZzgIG91s8Y/H9CZmfTH06rmJfWLyg47AvJ1gkgCLnOxqy1fHuTCeuUpDIkx2eG/bbMM1yYcgR94m+R59qeNwaNFxQJwFt8xpGFeZbfPSPK6mFRDKwbVuyW+c5BmL+SfGfPY0LBPo6wVLihS2vOgNLH/UVyoJZm5XZWTG4ou++o7AdCEoacxdKvXWWMMKweokjFVvrsffDKhu6ecgRxSpvgwNT35Wy6pvrw8hXD0QwhkJ0dB6CAfrpBtvhLThnjDZJdnP+Y+0IMAcDfPpNBteZUGCcJAdmcq/Fi+eSz6Y9T9xKJoTxdT1VssTDAlP0aHsXNmnwx7OcWo5Zgyh0Cucjd7G5LCQeodj0H65dMipYOurtCnL1K8DYwQBnxD8AtkSrPfL1LM1lWTiUCjMtNmX7oIU5mFzQzr3DqbB3TPN4tp+1xulSHuSjqGaiTmbrwaV6m0dtpGlmOO148Gzgclf5k+eZhdITje6mTZyFkunr2spXnEv7uzjghx73YKRGK/nXXQdfEWIrmUyDbc5qGxYBnXfhtg2xNdSIwTgZJTEIm7Mqnat3mpPtQiw8PUPUNfByPSlFMpvZcmy6tJoAnUyFrJfJ9NgXenVcj+YZOAo/uhFcpXgNHV0o2hi8j4vJ982HgRSB1zw+yEPQUp1P61lVIsl/M893lY2sgwFk+DCGmNwbumAKn5gDfq702yy1Drb9Vk6OwlhPXp0c98BFDvZj7sWxHE6e30f1RMOVTN1btngiWr+xO3Dnt+GpKPeKe3ISNcKyzU0zT+kaqx59IPOCRYFB/ZWBmW5+VIV3IxtdRf/rlc7b269JyUZx+xN8n5Stg/fq/XrAbKgXUlnwXGmUGh0deqzqciZc4uFFzrgA6Ba2ZG/3OIcAWPZck37YvIqiUzeustijlGr969ahw2ugHksGuKcihzCpdKLoEciphgpf+kGkXQfSnIuQCqD5N8Vx/uNs7IY87geu3+hwk1GpxUHmikb8/v6qiNL2W5LMIVrSXxuuT1Czoomqxrcic/F9PbBzk62pItS/fhWj3rj23GqwQOCzsQ+UeGTxf2JGtNZsS5nbfv9/7ZYxH0fqUdjHfJpZHd4f5Mk7L+5taNmsyY0BKU0QxIWJQZkLihpsXDInWQ67IUN5nsvvo7Ix1Rh1mZ3Wf/Z9a91O3QhUt3g1AsuzpZtWC+2oFs887KAwkGKr0ex/2pWZtzlCDCULk28f64XYcd+HYQ4Tv1l48okH43jXhSNZnLTTLM4zHcCBpBuBoiVuuKY+haHwuf50C0esn/3EdSf32P/Jvuc/Y12PlqhG8j8fPOmSfTAeT2Rh0aLGLlyOfOTdj/+Uy2RhYwck4mUr1BMJVyLCGCTsMxvxrmQj+bSQbzStj8YrDsQM6/vw3fMs+ZX3NKsADwmRL3PhNQXR1+HVD+oWC2XWITTMVO+SJjl937mvVMjNYsC1sdDUzVlyCLSJxNaa+xLEKymM33tp+4GixDar5QTaTntcFqGUZ/YSvrcBFjQOgXBS62OqIFxKWy6csu3K7eIoprDfhNS/la+4gC871TaRw6rwQNMLwsVjYDgq+e8MXACKXr7jEZyojpT5aOvd0QQte8ThCv82JYTrJvnBIiXWQSNt0MH0ynP7h0uG1eip0RH2VF5nQ7SVNmyVGDXJu/VpVAY2lgfFNIzJS9SxPXGHOn7EZ7cEcOoF7XiVV2baNwqloH3GntBTBFYZ+9N6mH6lRSH8HbOlzCXCQjZEV+qvBwzKVWuC5WbKR26KkjfQ3Ntsjo9cGV5I51Mhve7j7Hkttf1otbOzrj8+ErpFJd9/5UEC4qo6KmQ0Tar3rsfcvbBr18uzxEjV8LY+ZM6WTn5H/6hb/2eFwnVieWOhi1l+O0t+vGyUJpPwwPQQ6hzbxKIWPGjLK4lQnTbNRdQFvpmfIOKAMFui3w1SgxsWNxmMJJeGViJKBP592JzAbu3vFGPdAfnFEOb3ffTOid/hrTu/hAZRSjK+YQEKrju6sohPkHRoRyI+tlyYEWTyQ7oe3fR64J2lQJ8bCt8xtRVYIX8NY2gPvRCLTHbB3jSrK+Fnn7zqASM5yYC+JSiezdqEMkVsgc5HHH1mQxsMS8EgR6mj42QErDtKSKuGMExCPRW/8jvMK0eGepfA2U/WOiv2x2AgamQw1sI8sZtsBdD4jnP5WNkZSJ0i0SuybiCUiArPJgXjJTL+zgEX6kGOMrCFCtArunu6pDaXPQvAKngLFXc4CGdpMnDaVoeCyVO9J32tNfEauxEpIG9MIG6oAMCAReigbIEga8OSk5Xji0SAuy9NwxX1G4Avd5wZWj/OgZZ2VnSIiB7GpMJ4Dsnr/6jfLGj1V9V1zpHNoZG18ipW5R+OlF2rm7T4QKaZWsgwBvuyS5xtn9FGJqGYEmQLSqXbXsLfdT6xqPhB3poBbBtzPGCX/ZgW38iTyJOcbT6QW7TAj340+5EiZvy61jLFU1HtJ3wv41Hv6puSWCLotoS85SPerGz+SVYOZUbmKcx2lTXUTPinPhN
HTTP/1.1 200 OK
Date: Mon, 08 Jun 2009 09:25:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
WWW-Authenticate: Negotiate oYGgMIGdoAMKAQChCwYJKoZIgvcSAQICooGIBIGFYIGCBgkqhkiG9xIBAgICAG9zMHGgAwIBBaEDAgEPomUwY6ADAgEXolwEWm70xlMp4oj/PyvriNMeNDigow6/MX2DpaYQdBfGkiF0Dcc323tHLRBxBL03QpvwdGBxZGAJI6V1G8sc/lVBzhlCNsZkbJcNfnMNgOgc7UPrz+ZVav/EVm3sDQ==
X-AspNet-Version: 2.0.50727
Content-Disposition: attachment; filename="Product Application Report.xls"
Cache-Control: private
Expires: Mon, 08 Jun 2009 09:24:21 GMT
Content-Type: application/vnd.ms-excel
Content-Length: 23012
When using the VPN, I see no traffic in Fiddler and the error message is displayed before anything else.
Update 17/06/2009:
I could get a hand on some logs from our SA4000. Maybe this could help more.
Info PTR23232 2009/06/15 17:22:38 - <SA4000> - [<SA4000 IP>] - <user>[SA4000 group names] - Start Policy [WEBURL/PROTOCOL] evaluation for resource http://<DB server>:80/ReportServer/Reserved.ReportViewerWebControl.axd?ExecutionID=rua1g355tic24245f2e13lim&ControlID=44168efcd36e461493f7a69962580b91&Culture=127&UICulture=9&ReportStack=1&OpType=Export&FileName=Product+Application+Report&ContentDisposition=OnlyHtmlInline&Format=EXCEL
Info PTR23233 2009/06/15 17:22:38 - <SA4000> - [<SA4000 IP>] - <user>[SA4000 group names] - Applying Policy [Enable HTTP 1.1]...
Info PTR23240 2009/06/15 17:22:38 - <SA4000> - [<SA4000 IP>] - <user>[SA4000 group names] - Resource filter [http://nsrvnts2:80/*] does not match
Info PTR23240 2009/06/15 17:22:38 - <SA4000> - [<SA4000 IP>] - <user>[SA4000 group names] - Resource filter [http://nsrvnts3:80/*] does not match
Info PTR23233 2009/06/15 17:22:38 - <SA4000> - [<SA4000 IP>] - <user>[SA4000 group names] - Applying Policy [Disable HTTP 1.1]...
Info PTR23239 2009/06/15 17:22:38 - <SA4000> - [<SA4000 IP>] - <user>[SA4000 group names] - Action [HTTP 1.0] is returned
Info PTR23234 2009/06/15 17:22:38 - <SA4000> - [<SA4000 IP>] - <user>[SA4000 group names] - Policy [Disable HTTP 1.1] applies to resource
Info PTR23308 2009/06/15 17:22:38 - <SA4000> - [<SA4000 IP>] - <user>[SA4000 group names] - Skip Policy [WEBURL/COMPRESSION] evaluation because Compression option is not enabled
Info PTR23232 2009/06/15 17:22:38 - <SA4000> - [<SA4000 IP>] - <user>[SA4000 group names] - Start Policy [WEBURL/WEBPDSID] evaluation for resource http://<DB server>:80/ReportServer/Reserved.ReportViewerWebControl.axd?ExecutionID=rua1g355tic24245f2e13lim&ControlID=44168efcd36e461493f7a69962580b91&Culture=127&UICulture=9&ReportStack=1&OpType=Export&FileName=Product+Application+Report&ContentDisposition=OnlyHtmlInline&Format=EXCEL
Info PTR23233 2009/06/15 17:22:38 - <SA4000> - [<SA4000 IP>] - <user>[SA4000 group names] - Applying Policy [Corporate BI Portal]...
Info PTR23240 2009/06/15 17:22:38 - <SA4000> - [<SA4000 IP>] - <user>[SA4000 group names] - Resource filter [http://<SharePoint>:80/*] does not match
Info PTR23240 2009/06/15 17:22:38 - <SA4000> - [<SA4000 IP>] - <user>[SA4000 group names] - Resource filter [http://<SharePoint>/*] does not match
Info PTR23235 2009/06/15 17:22:38 - <SA4000> - [<SA4000 IP>] - <user>[SA4000 group names] - No Policy applies to resource
Any tip welcome. :)
