RE: SSL & win2k3 & E2k3 & comcast

  • From: "Tony Anderson" <tandersn@xxxxxxxxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Mon, 20 Oct 2003 11:52:02 -0700

It would be used if IIS is set to use windows authentication though, would
it not?

Tony
----- Original Message ----- 
From: "Gabrie van Zanten" <gabrie@xxxxxxxxxxxxxxxx>
To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
Sent: Monday, October 20, 2003 11:51 AM
Subject: [exchangelist] RE: SSL & win2k3 & E2k3 & comcast


> http://www.MSExchange.org/
>
> Hi
>
> About the part where you talk about that comcast is blokking port 443.
> To my knowledge, when you connect to port 80 to visit a website, your
> own port nr is NOT 80, but something above 1024. When doing OWA, traffic
> would look like this:
>
> Home port 1099 -----------> request to OWA ------> port 80
> OWA  port 80   -----------> reply to Home -------> port 1099
>
> I don't think SSL is different in this. For each new SSL connection it
> will use a new portnr. Otherwise it would be impossible to visit more
> then one SSL site at the same time.
>
> So COMCAST blocking 443, is not the issue I think. Maybe for incomming
> to COMCAST they block 443, but that is not used in your connection. And
> if they were blocking 443, there was no connection at all, also not
> after 1minute wait.
>
> Gabrie
>
>
> -----Original Message-----
> From: Tony Anderson [mailto:tandersn@xxxxxxxxxxxxxxxxx]
> Sent: Monday, October 20, 2003 8:41 PM
> To: [ExchangeList]
> Subject: [exchangelist] RE: SSL & win2k3 & E2k3 & comcast
>
>
> http://www.MSExchange.org/
>
> It's not a dns issue because simply removing SSL from the picture works
> fine. Http://exchsrv2.cs.washington.edu = instant
> https://exchsrv2.cs.washington.edu/exchange = delay. If it was a DNS
> issue, it would be slow for both. Even after you connect, and get a DNS
> cache, it is still slow. Plus, I added an entry directly to my HOST
> file. 3rd, I have done a netmon capture, and you can see where the
> delays occur, and it's not the initial portion of the conversation
>
> I take ISP out of the picture by doing it at work, asking co workers
> with DSL to try. I have comcast cable at home, and so do about 20% of
> the other users on our network. All comcast users report problems,
> everyone else works fine.
>
> I did do a network monitor capture, I just took a deeper look and it
> appears there is some connection trying to happen to destination port
> 443, which I know COMCAST is blocking, so the problem is related to that
> I imagine.
>
> I have 2 exchange servers, one is win2k & echc2k the other is win2k3 &
> ech2k3. Some users on each (planning to move all users to new one, once
> I solve this problem). Connecting to the older exchsrv works fine, even
> with the SSL. Connecting to the new one has delays.
>
> Is it safe to assume I have something misconfigured, that is telling OWA
> to authenticate via port 443, where as the older one is not? I will look
> into it.
>
> Tony
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com No.1 ISA
> Server Resource Site: http://www.isaserver.org Windows Security Resource
> Site: http://www.windowsecurity.com/ Network Security Library:
> http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 ISA Server Resource Site: http://www.isaserver.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
>
>



Other related posts: