Re: HTTPS; SSL-Tunnel
From: David (NOSPAMDavidGerst_at_anti-spam.tempco.com)
Date: 06/02/04
- Next message: Trevor OE News: "OE Hotmail through ISA SP2"
- Previous message: amz050: "isa enterprise on stand alone windows 2003 server"
- Maybe in reply to: David: "Re: HTTPS; SSL-Tunnel"
- Next in thread: Jim Harrison [MSFT]: "Re: HTTPS; SSL-Tunnel"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 2 Jun 2004 10:51:13 -0500
This is another sample of the ISA logs. 172.16.0.3 is the ISA Server
internal NIC. 172.16.0.1 is the DNS server on the internal network. I
created a rule to allow DNS from the local host to the internal network, but
as you can see it's still getting denied for some reason. any thoughts?
Original Client IP Client Agent Authenticated Client Service Server Name
Referring Server Destination Host Name Transport MIME Type Object Source
Source Proxy Destination Proxy Bidirectional Client Host Name Filter
Information Network Interface Raw IP Header Raw Payload Source Port
Processing Time Bytes Sent Bytes Received Result Code Cache Info Error Info
Log Record Type Log Time Client IP Destination Host IP Destination Port
Protocol Action Rule Client Username Source Network Destination Network HTTP
Method URL
172.16.0.3 GATEWAY - TCP - - 16753 0 0 0 0xc0040017 0x0 0x0
Firewall 6/2/2004 10:49:55 AM 172.16.0.3 172.16.0.1 53 DNS Denied Connection
Local Host Internal - -
"Jim Harrison [MSFT]" <jmharr@online.microsoft.com> wrote in message
news:u6qZLoDREHA.1276@TK2MSFTNGP11.phx.gbl...
> What's in the ISA web proxy logs for those requests?
>
> --
> Jim Harrison [ISASE]
> Read the help, books and articles!
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
>
> "David" <NOSPAMDavidGerst@anti-spam.tempco.com> wrote in message
news:OdEx18BREHA.3140@tk2msftngp13.phx.gbl...
> OK,
>
> I've even gone as far as giving cart-blanche access to the site and it's
> still a no go. all protocols, all users, from internal to all external.
I
> know it's not a problem with the site because I can run through a
different
> gateway that does not have ISA on it and it works fine. now I'm really
> baffled!
>
>
>
>
> "Tony Su" <anonymous@discussions.microsoft.com> wrote in message
> news:13a0201c44412$e50d2300$a001280a@phx.gbl...
> > If you're accessing remote SSL sites using the standard
> > port (443), you shouldn't be running into any special
> > problems.
> >
> > If you're accessing an SSL site using a non-default port,
> >
> > http://support.microsoft.com/default.aspx?scid=kb;en-
> > us;283284
> >
> > Tony Su
> >
> >
> >
> >
> >
> > >-----Original Message-----
> > >Hi,
> > >
> > >I'm relatively new to this, so here goes...
> > >
> > >
> > >I have ISA server setup to block all web traffic by
> > default and I'm making
> > >rules to allow traffic. This is working great for the
> > HTTP protocol. The
> > >problem I am running into is for HTTPS sites. Even
> > though I have a rule
> > >saying allow userx to go from the internal network using
> > the HTTPS protocol
> > >to destination setX, for some reason it's just not
> > working. what am I
> > >missing? I also see in the log files that it's using SSL-
> > Tunnel.
> > >
> > >thanks!
> > >
> > >- david
> > >
> > >
> > >.
> > >
>
>
>
- Next message: Trevor OE News: "OE Hotmail through ISA SP2"
- Previous message: amz050: "isa enterprise on stand alone windows 2003 server"
- Maybe in reply to: David: "Re: HTTPS; SSL-Tunnel"
- Next in thread: Jim Harrison [MSFT]: "Re: HTTPS; SSL-Tunnel"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
