RE: SSL & win2k3 & E2k3 & comcast
- From: "Tony Anderson" <tandersn@xxxxxxxxxxxxxxxxx>
- To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
- Date: Mon, 20 Oct 2003 12:04:52 -0700
I am sorry, I was confused, you are right. 443 isn't the windows auth port,
445 is. 445 is the one that is being blocked.
I am not so versed in the low level packet analyzation I am afraid. I did a
netmon capture from my machine at home to the exchsrv, and I can see where
the delays occur physically in the list, but am not certain how to determine
what is going on.
Tony
----- Original Message -----
From: "Mulnick, Al" <Al.Mulnick@xxxxxxxxxx>
To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
Sent: Monday, October 20, 2003 11:56 AM
Subject: [exchangelist] RE: SSL & win2k3 & E2k3 & comcast
> http://www.MSExchange.org/
>
> I don't think so. SSL is TCP 443 by default. If your E2K server is
> different, then it's different because somebody set it that way and they
> either redirect it or you tell your clients to use it that way.
>
> Given the information you present, I'd say that the issue is very likely
> something that comcast is doing, but it's surprising that it doesn't work
> for both implementations.
>
> Where is the delay showing in the trace and what's on the wire when it
> happens? Are you seeing a lot of IP fragments or anything like that?
>
>
> Al
>
> -----Original Message-----
> From: Tony Anderson [mailto:tandersn@xxxxxxxxxxxxxxxxx]
> Sent: Monday, October 20, 2003 2:41 PM
> To: [ExchangeList]
> Subject: [exchangelist] RE: SSL & win2k3 & E2k3 & comcast
>
> http://www.MSExchange.org/
>
> It's not a dns issue because simply removing SSL from the picture works
> fine. Http://exchsrv2.cs.washington.edu = instant
> https://exchsrv2.cs.washington.edu/exchange = delay. If it was a DNS
issue,
> it would be slow for both. Even after you connect, and get a DNS cache, it
> is still slow. Plus, I added an entry directly to my HOST file. 3rd, I
have
> done a netmon capture, and you can see where the delays occur, and it's
not
> the initial portion of the conversation
>
> I take ISP out of the picture by doing it at work, asking co workers with
> DSL to try. I have comcast cable at home, and so do about 20% of the other
> users on our network. All comcast users report problems, everyone else
works
> fine.
>
> I did do a network monitor capture, I just took a deeper look and it
appears
> there is some connection trying to happen to destination port 443, which I
> know COMCAST is blocking, so the problem is related to that I imagine.
>
> I have 2 exchange servers, one is win2k & echc2k the other is win2k3 &
> ech2k3. Some users on each (planning to move all users to new one, once I
> solve this problem). Connecting to the older exchsrv works fine, even with
> the SSL. Connecting to the new one has delays.
>
> Is it safe to assume I have something misconfigured, that is telling OWA
to
> authenticate via port 443, where as the older one is not? I will look into
> it.
>
> Tony
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
> Resource Site: http://www.windowsecurity.com/ Network Security Library:
> http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 ISA Server Resource Site: http://www.isaserver.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
>
Other related posts:
