Re: Can't access ebay secure site since upgrage to SBS SP1 with ISA Server 2004
- From: John Van Hengel <jvh@xxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 23 Aug 2005 10:22:52 -0500
Hi Ed
The problem is resolved.
The issue was that the firewall client was not running.
The update to isa 2004 creates problem with incompatability with the ver 2000 firewall client.
Installation of the new client is a mess as it requires uninstalling the old one before installing
the new one. removing the old one requires access to the old mspclnt folder which is gone after the
update.
After completely stripping the 2000 client out of the workstation manualy and installing the 2004
client, the access to the secure site now works.
Thanks
On Wed, 17 Aug 2005 03:52:27 GMT, v-edtian@xxxxxxxxxxxxxxxxxxxx (Edward Tian) wrote:
>Hi John:
>Thank you for posting here. Hello Susan, thanks for your suggestion!
>
>First I would like to recommend that you try the following steps:
>
>1. a. Open ISA2004 Management Console, in the left panel, expand to
>Configuration->Networks.
>
>b. Under "Networks panel", double click "Internal".
>
>c. Switch to "Web Proxy" panel, click "Authentication¡".
>
>d. Uncheck the "Require all users to authenticate" option.
>
>2. If you have an Access Rule which allows internal clients access internet
>and applies to "Specified Users" (By default this rule is applied to SBS
>Internet Users), please temporarily change it to apply to "All users".
>
>>From an internal client, try accessing the SSL site again, does this
>problem persist?
>
>If the issue persists, please help to collect the following information:
>1. Can you access any other internet SSL web sites?
>
>2. Can you access this ebay secure site before upgraded to ISA2k4?
>
>3. Do you configure the client computer as a Web Proxy client?
>
>4. Gather the ISA Info:
>
>1) Download the file from the following URL:
>
>http://www.isatools.org/isainfo/ISAInfo.zip
>
>2) Extract all files to a folder on ISA server.
>3) Double click Isainfo.js. This will generate 2 files
>ISAInfo2004-<computer-name>.log and ISAInfo2004-<computer-name>.xml in the
>current folder.
>4) Please send these files to me.
>
>5. We may also gather the ISA logs:
>
>1) Schedule a down time.
>
>2) Open ISA 2004 management console.
>
>3) Expand the server node and highlight 'Monitoring'.
>
>4) In the right pane, switch to the 'Logging' tab, make sure the 'Task
>Pane' is showed there.
>
>5) In the 'Task Pane', click 'Configure Firewall Logging' under 'Logging
>Tasks', and then switch the 'log storage format' from 'MSDE database'
>(default) to 'File'.
>
>6) Switch to the 'Fields' tab, click 'Select All', and then click OK.
>
>7) In the 'Task Pane', click 'Configure Web Proxy Logging' under 'Logging
>Tasks', and then switch the 'log storage format' from 'MSDE database'
>(default) to 'File'.
>
>8) Switch to the 'Fields' tab, click 'Select All', and then click OK.
>
>9) Click 'Apply' to save changes and update the configuration.
>
>10) Temporarily disable the Firewall service. To do that, please click
>Monitoring | Services tab and then right click 'Microsoft Firewall' to
>choose 'Stop'.
>
>11) Clear the current existing W3C logs. To do that, go to the log saving
>directory and clean any existing .W3C logs. By default, the logs will be
>saved to 'C:\Program Files\Microsoft ISA Server\ISALogs'. (Some MDF may not
>be able to deleted, that's normal.) You may backup them first and then
>delete them.
>
>12) Go back to the ISA 2004 management console, and then Start the stopped
>'Microsoft Firewall' service.
>
>13) Reproduce the problem, stop the service, and then gather the resulting
>W3C files to me for analysis.
>
>14) Please also let me know the IP address of the testing clients so that I
>can filter the data.
>
>I appreciate you taking time to collect the information. Please feel free
>to let me know if anything is unclear.
>
>Have a nice day! :)
>
>Best Regards
>Edward Tian(MSFT)
>Microsoft CSS Online Newsgroup Support
>
>Get Secure! - www.microsoft.com/security
>======================================================
>This newsgroup only focuses on SBS technical issues. If you have issues
>regarding other Microsoft products, you'd better post in the corresponding
>newsgroups so that they can be resolved in an efficient and timely manner.
>You can locate the newsgroup here:
>http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>
>When opening a new thread via the web interface, we recommend you check the
>"Notify me of replies" box to receive e-mail notifications when there are
>any updates in your thread. When responding to posts via your newsreader,
>please "Reply to Group" so that others may learn and benefit from your
>issue.
>
>Microsoft engineers can only focus on one issue per thread. Although we
>provide other information for your reference, we recommend you post
>different incidents in different threads to keep the thread clean. In doing
>so, it will ensure your issues are resolved in a timely manner.
>
>For urgent issues, you may want to contact Microsoft CSS directly. Please
>check http://support.microsoft.com for regional support phone numbers.
>
>Any input or comments in this thread are highly appreciated.
>======================================================
>This posting is provided "AS IS" with no warranties, and confers no rights.
>
>--------------------
>| From: John Van Hengel <jvh@xxxxxxxxxxxxxxxxxxxxx>
>| Subject: Can't access ebay secure site since upgrage to SBS SP1 with ISA
>Server 2004
>| Date: Tue, 16 Aug 2005 14:05:08 -0500
>| Reply-To: jvh@xxxxxxxxxxxxxxxxxxxxx
>| Message-ID: <9qd4g1tva2j89l2at7ilp91ve1v8t2rurl@xxxxxxx>
>| X-Newsreader: Forte Agent 1.93/32.576 English (American)
>| MIME-Version: 1.0
>| Content-Type: text/plain; charset=us-ascii
>| Content-Transfer-Encoding: 7bit
>| Newsgroups: microsoft.public.windows.server.sbs,microsoft.public.isaserver
>| NNTP-Posting-Host: rrcs-24-106-55-26.west.biz.rr.com 24.106.55.26
>| Lines: 1
>| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
>| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.isaserver:6032
>microsoft.public.windows.server.sbs:144959
>| X-Tomcat-NG: microsoft.public.windows.server.sbs
>|
>|
>| Since the update when I try to pay for an item on ebay I get the
>following error.
>|
>| Network Access Message: The page cannot be displayed
>|
>| Technical Information (for Support personnel)
>| Error Code: 502 Proxy Error. Connection refused(10061)
>| IP Address: 216.113.178.99
>| Date: 8/16/2005 6:57:24 PM
>| Server: server01.Strasser-Hardware.local
>| Source: proxy
>|
>| The URL is: https://payments.ebay.com/ws/eBayISAPI.dll...............etc
>|
>| Do I have something in the ISA Server set wrong?
>|
>|
.
- Follow-Ups:
- References:
- Prev by Date: MS Cover Page Editor
- Next by Date: SBS 2003 Licensing Question
- Previous by thread: RE: Can't access ebay secure site since upgrage to SBS SP1 with ISA Server 2004
- Next by thread: Re: Can't access ebay secure site since upgrage to SBS SP1 with ISA Server 2004
- Index(es):
Relevant Pages
|
