Re: Can't access ISA server from external network

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

You cannot access a SSL site with an IP# unless the Certificate was
specially configured with a "public name" using the IP# which is a really
bad idea.

SSL Certificates should always be created based on the DNS FQDN and the site
must be accessed using the same DNS FQDN by the user.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp

Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------

"jason" <jasonsantos-NOSPAM-@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:el9OKCP2HHA.728@xxxxxxxxxxxxxxxxxxxxxxx
On ISA 2004, I keep getting these errors after we moved. Haven't changed
anything with the server. Right now I'm trying to access our server from
my internal PC to https://xx.xx.xx.xx/remote and get this:

Failed Connection Attempt servername 8/7/2007 8:41:45 AM
Log type: Web Proxy (Forward)
Status: 10061 No connection could be made because the target machine
actively refused it.
Rule: Allow All
Source: Internal ( 192.168.0.xx:0)
Destination: External ( xx.xx.xx.xx:443)
Request: 72.243.119.91:443
Filter information: Req ID: 130465b2
Protocol: SSL-tunnel
User: anonymous
Additional information
a.. Client agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT
5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
b.. Object source: Internet Processing time: 0
c.. Cache info: 0x0 MIME type:


Any suggestions??
Thanks.




.

Relevant Pages

  • Re: Cant access ISA server from external network
    ... The certificate is configured with the ip as public name. ... Microsoft Internet Security & Acceleration Server: Partners ...
    (microsoft.public.isa)
  • SSL help
    ... put another SSL site on the same server. ... assumption that I need to generate another SSL certificate ... but do not see how to do this in IIS5. ...
    (microsoft.public.inetserver.iis.security)
  • Re: ActiveSync 4.1 Error:80072F0D
    ... There may be more than one GUID under partners, ... the "Server" to see where it is syncing. ... > When using ActiveSync 4.1 to connect my PocketPC with my Exchange ... > Srever administrator or ISP to install a valid certificate on the server." ...
    (microsoft.public.pocketpc.activesync)
  • Re: SSL/Non-SSL on 1 Server
    ... to new server. ... host headers will do the trick ... I am planning to move the ssl site to the non-ssl server which is a ... > 1) Do I export and then import the certificate from the current ssl server ...
    (microsoft.public.inetserver.iis.security)
  • RPC over HTTP, Microsoft solution
    ... Exchange Server 2003 RPC over HTTP Deployment Scenarios ... Place a check in the box next to 'Certificate Services' and click 'Yes' ...
    (microsoft.public.exchange.setup)