more SSL ports

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Tony Su (anonymous_at_discussions.microsoft.com)
Date: 05/11/04 

Date: Tue, 11 May 2004 10:34:17 -0700

Reading between your lines,
I'm guessing you're trying to deploy your websites using
non-default ports.

Depending on your site content(not all dynamic content is
supported), although I have not personally tried it there
appear to be plenty of options to configure non-default
ports if you Web Publish, and may even be able to do some
port translation. The two main places of note where you
can define ports are the Incoming Web Listener and the
Action tab of the Web Publishing rule.

The script you reference is for configuring clients behind
ISA, I have not heard that is required for Web Publishing
on non-default ports.

If you want some guidelines on deploying multiple SSL
sites using the same WAN IP address, there is an article
at isaserver.org which describes this and is also the
basis for what I recommend in my SBS2K3 "Web Publishing
Companyweb" paper at

www.su-networking.com/faq/
(click on first link)

Even if you're not using SBServer, most of the concepts
described other than the SBSIISCONFIG maneuver are
applicable to normal Windows configurations.

HTH,
Tony Su

>-----Original Message-----
>Hi
>
>Problem:
>I want to publish 2 web sites which can be accessed only
with https (will
>discard http requests). Internal web server will work on
http (not https).
>
>Question:
>Are the following assumptions correct:
>
>1.I can't use web publishing rule since I always have to
specify a http ip /
>port
>2.I can publish server (https) which listens on specified
port (server
>properties-tab Incoming web request, enable SSL
listener=checked &port
>specified).
>3.I can specify an additional https port with vbs from
isatools.org
>(ssl_tpr_add.vbs) and now my ISA server will listen for
https on 2 ports ???
>4.ISA server always maps to same port (listens on 443 and
maps to 443 on
>internal server) and this can't be changed ?
>
>Any other possible solution ?
>
>TIA
>jedec
>
>
>.
>

Relevant Pages

  • Re: RWW with no https
    ... SBS's ports. ... two are unrelated systems, i.e., SBS for one domain, Kerio for another. ... Or dump Kerio Mail Server since you have the same capabilities in Exchange ... I can not use https. ...
    (microsoft.public.windows.server.sbs)
  • Re: OWA in DMZ
    ... But I guess the easiest and relatively secure method is setting up a seperate Exchange server in the DMZ in Front-End mode. ... And configure the Firewall to allow traffic on certain ports between this server and the private network, since that's where the back-end server is located with the actual mailboxes. ... When you have this Front-End server in place with OWA you can also use this same server for Mobile Access, and RCP over HTTPS, which you will have to enable on both servers and it involves more TCP ports. ...
    (microsoft.public.exchange.admin)
  • Re: RWW with no https
    ... SBS's ports. ... two are unrelated systems, i.e., SBS for one domain, Kerio for another. ... Or dump Kerio Mail Server since you have the same capabilities in Exchange ... I can not use https. ...
    (microsoft.public.windows.server.sbs)
  • Re: warum PnP Dienst =?ISO-8859-1?Q?=FCber_Netzwerk=3F?=
    ... Bei VPNs hast Du immer das Problem, dass Du nicht sicherstellen kannst, dass nur der Client in das Netz kommt. ... Da sind einzeln absicherbare Protokolle wie RPC over HTTPS, ... Auf Anwendungsseite wurde reagiert und die Applikationen benutzten nur noch bestimmte, fest definierbare Ports. ...
    (microsoft.public.de.german.win2000.networking)
  • Re: countermeasure against attacks through HTML shared files
    ... looks at attacks through HTML shared files in Web ... acmemail on https URLs, and that meant either using wildcard ... flaws in acmemail) or different ports. ...
    (Bugtraq)