SSL tunnelling through ISA 2000 to web sites on non-standard ports
From: Mark Heywood (mheywood_at_bigpond.net.au)
Date: 02/23/05
- Next message: Mazen Ahmed: "matching user to a monitored websites using ISA 2000"
- Previous message: Steve Carr: "Re: Sniff for smtp relay"
- Messages sorted by: [ date ] [ thread ]
Date: 23 Feb 2005 00:08:38 -0800
Hi
We have a user who need to access a web site which uses SSL but runs
on port 19638 rather than port 443.
I have added this port to the ISA SSL tunnelling as in MS KB 283284.
This seems to be present in the registry and I restarted the Web Proxy
server.
We are using ISA 2000, primarily as a Web proxy server.
We are also behind a Nokia firewall, which may now be the issue (the
f/w guys claim to have made the required rule changes for this to
work).
In the ISA Web proxy log I see:
10.30.46.20 anonymous Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.1; .NET CLR 1.1.4322) 2005-02-23 06:00:18 AUSAFS004 - ensim.smartydns24.com - 19638 - 233 2846 SSL-tunnel CONNECT - - 407
10.30.46.20 anonymous Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.1; .NET CLR 1.1.4322) 2005-02-23 06:00:18 AUSAFS004 - ensim.smartydns24.com - 19638 - 321 509 SSL-tunnel CONNECT - - 407
but then I see
10.30.46.20 AUS\smarisett Mozilla/4.0 (compatible; MSIE 6.0; Windows
NT 5.1; .NET CLR 1.1.4322) 2005-02-23 06:00:56 AUSAFS004 - ensim.smartydns24.com 67.15.78.91 19638 - - - SSL-tunnel - ensim.smartydns24.com:19638 Inet 10060
The browser says "The page cannot be displayed" on the next line it
says "There " and thats all.
The URL is http://www.gcgwa.com/admin which re-directs to
https://ensim.smartydns24.com:19638/webhost/rollout/welcome and should
come up with a logon screen.
There is nothing in the ISA firewall or packet filter logs.
Is there anything else I can do on the ISA side of things ?
Thanks
Mark.
- Next message: Mazen Ahmed: "matching user to a monitored websites using ISA 2000"
- Previous message: Steve Carr: "Re: Sniff for smtp relay"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
