Re: HTTPS; SSL-Tunnel

From: David (NOSPAMDavidGerst_at_anti-spam.tempco.com)
Date: 06/02/04

• Next message: Kevin: "Streaming Media"
• Previous message: Doug: "Re: Email Screening"
• In reply to: Jim Harrison [MSFT]: "Re: HTTPS; SSL-Tunnel"
• Next in thread: David: "Re: HTTPS; SSL-Tunnel"
• Messages sorted by: [ date ] [ thread ]

Date: Wed, 2 Jun 2004 14:23:24 -0500

more logs. notice, 172.16.0.113 172.16.0.3 8080 Unidentified IP Traffic
Denied Connection Internal Local Host

where ip address 113 is my client, and againt 3 is the ISA server.

Original Client IP Client Agent Authenticated Client Service Server Name
Referring Server Destination Host Name Transport MIME Type Object Source
Source Proxy Destination Proxy Bidirectional Client Host Name Filter
Information Network Interface Raw IP Header Raw Payload Source Port
Processing Time Bytes Sent Bytes Received Result Code Cache Info Error Info
Log Record Type Log Time Client IP Destination Host IP Destination Port
Protocol Action Rule Client Username Source Network Destination Network HTTP
Method URL
0.0.0.0 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) No Proxy GATEWAY
peapps.milacron.com TCP - - - - - - 0 1 0 294 0x5 0x0 0x0 Web Proxy
Filter 6/2/2004 2:18:47 PM 172.16.0.113 0.0.0.0 443 SSL-tunnel anonymous
CONNECT
0.0.0.0 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) No Proxy GATEWAY
peapps.milacron.com TCP - - - - - - 0 1 0 202 0x2fb1 0x0 0x0 Web Proxy
Filter 6/2/2004 2:18:47 PM 172.16.0.113 0.0.0.0 443 SSL-tunnel anonymous
CONNECT
0.0.0.0 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Yes Proxy GATEWAY
peapps.milacron.com TCP Internet - - - - - - 0 0 0 0 0x274c 0x0 0x8c0 Web
Proxy Filter 6/2/2004 2:18:47 PM 172.16.0.113 192.67.157.135 443 SSL-tunnel
OFT Website TEMPCO\ShelliZebrowski Internal External
peapps.milacron.com:443
172.16.0.113 GATEWAY - TCP - - 1899 0 0 0 0xc0040017 0x0 0x0
Firewall 6/2/2004 2:18:27 PM 172.16.0.113 172.16.0.3 8080 Unidentified IP
Traffic Denied Connection Internal Local Host - -
0.0.0.0 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) No Proxy GATEWAY
peapps.milacron.com TCP - - - - - - 0 1 0 294 0x5 0x0 0x0 Web Proxy
Filter 6/2/2004 2:18:26 PM 172.16.0.113 0.0.0.0 443 SSL-tunnel anonymous
CONNECT
172.16.0.113 GATEWAY - TCP - - 1901 0 0 0 0xc0040017 0x0 0x0
Firewall 6/2/2004 2:18:48 PM 172.16.0.113 172.16.0.3 8080 Unidentified IP
Traffic Denied Connection Internal Local Host - -

"Jim Harrison [MSFT]" <jmharr@online.microsoft.com> wrote in message
news:uWHe03MSEHA.2520@TK2MSFTNGP11.phx.gbl...
> Exactly how is IE configured?
> Those log entries show successful connections.
>
> ISA resolves names for browsers configured as web proxy clients, so if the
browser is complaining about "DNS Failure", it's likely
> that it can't resolve the proxy name.
>
> --
> Jim Harrison [ISASE]
> Read the help, books and articles!
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
>
> "David" <NOSPAMDavidGerst@anti-spam.tempco.com> wrote in message
news:%23jJOtSLSEHA.808@tk2msftngp13.phx.gbl...
> This is what was in the log. The error that comes up in web browser is
the
> Page Cannot Be Displayed, cannot find server or DNS Error. I'm thinking
it
> must be a DNS error, but the DNS error probably has something to do with
ISA
> blocking a DNS request?
>
> Original Client IP Client Agent Authenticated Client Service Server Name
> Referring Server Destination Host Name Transport MIME Type Object Source
> Source Proxy Destination Proxy Bidirectional Client Host Name Filter
> Information Network Interface Raw IP Header Raw Payload Source Port
> Processing Time Bytes Sent Bytes Received Result Code Cache Info Error
Info
> Log Record Type Log Time Client IP Destination Host IP Destination Port
> Protocol Action Rule Client Username Source Network Destination Network
HTTP
> Method URL
> 0.0.0.0 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) No Proxy
GATEWAY
> peapps.milacron.com TCP Internet - - - - - - 0 0 8750 1490 0x3e3 0x0
> 0x808 Web Proxy Filter 6/2/2004 10:14:07 AM 172.16.0.113 192.67.157.135
443
> SSL-tunnel OFT Website anonymous Internal External
peapps.milacron.com:443
> 0.0.0.0 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) No Proxy
GATEWAY
> peapps.milacron.com TCP Internet - - - - - - 0 0 60989 10088 0x0 0x0
> 0x800 Web Proxy Filter 6/2/2004 10:14:27 AM 172.16.0.113 192.67.157.135
443
> SSL-tunnel OFT Website anonymous Internal External
peapps.milacron.com:443
> 0.0.0.0 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) No Proxy
GATEWAY
> peapps.milacron.com TCP Internet - - - - - - 0 0 201921 56750 0x0 0x0
> 0x800 Web Proxy Filter 6/2/2004 10:14:31 AM 172.16.0.113 192.67.157.135
443
> SSL-tunnel OFT Website anonymous Internal External
peapps.milacron.com:443
> 0.0.0.0 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) No Proxy
GATEWAY
> peapps.milacron.com TCP Internet - - - - - - 0 0 7410 73226 0x0 0x0
0x800
> Web Proxy Filter 6/2/2004 10:14:33 AM 172.16.0.113 192.67.157.135 443
> SSL-tunnel OFT Website anonymous Internal External
peapps.milacron.com:443
> 0.0.0.0 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) No Proxy
GATEWAY
> peapps.milacron.com TCP Internet - - - - - - 0 0 1395 256 0x3e3 0x0
0x808
> Web Proxy Filter 6/2/2004 10:13:56 AM 172.16.0.113 192.67.157.135 443
> SSL-tunnel OFT Website anonymous Internal External
peapps.milacron.com:443
> 0.0.0.0 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) No Proxy
GATEWAY
> peapps.milacron.com TCP Internet - - - - - - 0 0 150 49152 0x0 0x0
0x800
> Web Proxy Filter 6/2/2004 10:14:35 AM 172.16.0.113 192.67.157.135 443
> SSL-tunnel OFT Website anonymous Internal External
peapps.milacron.com:443
>
>
>
> "Jim Harrison [MSFT]" <jmharr@online.microsoft.com> wrote in message
> news:u6qZLoDREHA.1276@TK2MSFTNGP11.phx.gbl...
> > What's in the ISA web proxy logs for those requests?
> >
> > --
> > Jim Harrison [ISASE]
> > Read the help, books and articles!
> >
> > This posting is provided "AS IS" with no warranties, and confers no
> rights.
> >
> >
> > "David" <NOSPAMDavidGerst@anti-spam.tempco.com> wrote in message
> news:OdEx18BREHA.3140@tk2msftngp13.phx.gbl...
> > OK,
> >
> > I've even gone as far as giving cart-blanche access to the site and it's
> > still a no go. all protocols, all users, from internal to all external.
> I
> > know it's not a problem with the site because I can run through a
> different
> > gateway that does not have ISA on it and it works fine. now I'm really
> > baffled!
> >
> >
> >
> >
> > "Tony Su" <anonymous@discussions.microsoft.com> wrote in message
> > news:13a0201c44412$e50d2300$a001280a@phx.gbl...
> > > If you're accessing remote SSL sites using the standard
> > > port (443), you shouldn't be running into any special
> > > problems.
> > >
> > > If you're accessing an SSL site using a non-default port,
> > >
> > > http://support.microsoft.com/default.aspx?scid=kb;en-
> > > us;283284
> > >
> > > Tony Su
> > >
> > >
> > >
> > >
> > >
> > > >-----Original Message-----
> > > >Hi,
> > > >
> > > >I'm relatively new to this, so here goes...
> > > >
> > > >
> > > >I have ISA server setup to block all web traffic by
> > > default and I'm making
> > > >rules to allow traffic. This is working great for the
> > > HTTP protocol. The
> > > >problem I am running into is for HTTPS sites. Even
> > > though I have a rule
> > > >saying allow userx to go from the internal network using
> > > the HTTPS protocol
> > > >to destination setX, for some reason it's just not
> > > working. what am I
> > > >missing? I also see in the log files that it's using SSL-
> > > Tunnel.
> > > >
> > > >thanks!
> > > >
> > > >- david
> > > >
> > > >
> > > >.
> > > >
> >
> >
> >
>
>
>

• Next message: Kevin: "Streaming Media"
• Previous message: Doug: "Re: Email Screening"
• In reply to: Jim Harrison [MSFT]: "Re: HTTPS; SSL-Tunnel"
• Next in thread: David: "Re: HTTPS; SSL-Tunnel"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint