Re: Secure Website fails with ISA
From: SuperGumby [SBS MVP] (not_at_your.nellie)
Date: 10/07/04
- Next message: Lewej: "Re: Secure Website fails with ISA"
- Previous message: piertonio: "Re: vpn problems: lan slow"
- In reply to: Lewej: "Re: Secure Website fails with ISA"
- Next in thread: Lewej: "Re: Secure Website fails with ISA"
- Reply: Lewej: "Re: Secure Website fails with ISA"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 7 Oct 2004 20:48:46 +1000
The first method sortta bypasses ISA, the other tells ISA how to handle the
unusual traffic.
I prefer to tell ISA how to handle the unusual traffic, but if you take this
choice you must add support for each unusual type of transaction.
My ISP's account management needs https://TheirServer:PortNumber/RestOfURL
Another service I require (which I can't recall at the moment) requires
https://TheirServer:SomeOtherPortNumber/RestOfURL
To access CompanyWeb from home behind ISA I need
https://OurServer:YetAnotherPortNumber/RestOfURL
To set this up on my ISA, I once created a .vbs to tell ISA how to handle
all three. Simple.
If I had a thousand users accessing https sites through different
non-standard ports it would be simpler to advise everyone to turn off the
secure proxy.
What's best for you? Sorry, not a question I can answer :-)
"Lewej" <anonymous@discussions.microsoft.com> wrote in message
news:146701c4ac40$3bc77bb0$a401280a@phx.gbl...
> Hi SuperGumby
> Wow - yes it all works now. Very impressive, thanks a
> lot.
> Does this affect ISA or my security settings or anything
> by using a different proxy and not going through port
> 8080?
> Cheers
> Lewej
>>-----Original Message-----
>>try going into your IE proxy settings and telling it not
> to 'use the same
>>proxy for all protocols'
>>
>>then delete the proxy information on the line 'Secure:'
>>
>>OR
>>
>>modify ISA via vbs as you mentioned to allow secure
> proxy to port 2083.
>>http://support.microsoft.com/default.aspx?scid=kb;en-
> us;283284 opens secure
>>proxy via port 9443, just substitute 2083
>>
>>"Lewej" <anonymous@discussions.microsoft.com> wrote in
> message
>>news:3f5701c4ab82$2b3f1870$a301280a@phx.gbl...
>>> Hi SuperGumby
>>> Thanks for your reply. Ah...the port I need to access
> is
>>> 2083 (it is part of the www address).
>>> So on a default set up of SBS 2000 and ISA (2 nics and
>>> DSL) I should be able to access secure web sites in
>>> general. However if it is a different port as
>>> above...then I would need to open a packet filter in
> ISA?
>>> Correct or am I way off?
>>> Thanks Lewej
>>>>-----Original Message-----
>>>>You should be able to access HTTPS on the standard port
>>> (443) without
>>>>modification.
>>>>
>>>>If the URL includes a port specification you will need
>>> to either modify ISA
>>>>or adjust your proxy settings in IE.
>>>>An example URL would be
>>> https://server:356/securepage.htm.
>>>>
>>>>"lewej" <anonymous@discussions.microsoft.com> wrote in
>>> message
>>>>news:385e01c4aaf8$8df03ec0$a301280a@phx.gbl...
>>>>> Hi
>>>>> I have rerun ICW, and it seems not make any
>>> difference. I
>>>>> have set up an https filter in ISA for tcp on 443
>>>>> outbound and then both ways, but this does not seem
> to
>>>>> make any difference either.
>>>>> I must be doing something wrong, but am not sure
> hwat.
>>>>> Should you be able to access secure web sites by
>>> default?
>>>>> Thanks
>>>>> lewej
>>>>>>-----Original Message-----
>>>>>>Hi Marina
>>>>>>Oh OK. Thanks. I will try when everyone has gone home
>>>>> then
>>>>>>Cheers
>>>>>>Lewej
>>>>>>>-----Original Message-----
>>>>>>>Hi Lewej,
>>>>>>>
>>>>>>>If you rerun ICW, it will put back ISA to its
> defaults
>>>>>>when you enable the
>>>>>>>firewall. Do that first and see if you can get on
>>> those
>>>>>>sites. You will only
>>>>>>>want to forward port 443 from your router to your
>>>>>>external nic IP, if you
>>>>>>>want to be able to access something like OWA from
>>>>>>outside your network.
>>>>>>>
>>>>>>>--
>>>>>>>Regards,
>>>>>>>
>>>>>>>Marina
>>>>>>>Microsoft SBS-MVP
>>>>>>>
>>>>>>>"Lewej" <anonymous@discussions.microsoft.com>
> schreef
>>>>> in
>>>>>>bericht
>>>>>>>news:242f01c4aab1$e52691e0$a501280a@phx.gbl...
>>>>>>>> Hi Marina
>>>>>>>> 2 Nics, SBS 2000 using DSL.
>>>>>>>> I noticed there is a custome filter for it in ISA,
>>> is
>>>>>>it
>>>>>>>> just mattr to enable that, and rerun ICW do you
>>> think?
>>>>>>>> Ta
>>>>>>>> Lewej
>>>>>>>> >-----Original Message-----
>>>>>>>> >Hi Lewej,
>>>>>>>> >
>>>>>>>> >Is this SBS 2000? How are you connecting to the
>>>>>>internet
>>>>>>>> and are you using 2
>>>>>>>> >nics?
>>>>>>>> >
>>>>>>>> >--
>>>>>>>> >Regards,
>>>>>>>> >
>>>>>>>> >Marina
>>>>>>>> >Microsoft SBS-MVP
>>>>>>>> >
>>>>>>>> >"Lewej" <anonymous@discussions.microsoft.com>
>>>>> schreef
>>>>>>in
>>>>>>>> bericht
>>>>>>>> >news:1a9d01c4aa02$0ea7f000$a501280a@phx.gbl...
>>>>>>>> >> Hi
>>>>>>>> >> I read with interest a post about Secure
> Websites
>>>>>>not
>>>>>>>> >> working Oct 1 2004 at 11.24). I have this
> problem
>>>>>>with
>>>>>>>> a
>>>>>>>> >> SBS installation that has ISA installed. I am
>>>>>>trying to
>>>>>>>> >> access a remote site.
>>>>>>>> >> Marina Roos wrote a reply with a link and
> advice
>>>>>>about
>>>>>>>> >> opening port 443. The link was about VBScript -
>>>>>>which
>>>>>>>> >> lost me. Also forwarding port 443 on my router
> to
>>>>> my
>>>>>>>> >> external Ip has confused me.
>>>>>>>> >> Is there an idiot's guide to this (letting us
>>>>> access
>>>>>>>> >> https site thru ISA?)
>>>>>>>> >> Thanks
>>>>>>>> >> Lewej
>>>>>>>> >
>>>>>>>> >
>>>>>>>> >.
>>>>>>>> >
>>>>>>>
>>>>>>>
>>>>>>>.
>>>>>>>
>>>>>>.
>>>>>>
>>>>
>>>>
>>>>.
>>>>
>>
>>
>>.
>>
- Next message: Lewej: "Re: Secure Website fails with ISA"
- Previous message: piertonio: "Re: vpn problems: lan slow"
- In reply to: Lewej: "Re: Secure Website fails with ISA"
- Next in thread: Lewej: "Re: Secure Website fails with ISA"
- Reply: Lewej: "Re: Secure Website fails with ISA"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
