Another SSL Problem
- From: "Marc A. Mapplebeck, MCP/MCDST/N+/A+/CNA" <mmapplebeck@xxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 5 Jan 2005 21:58:42 -0400
Hi again, I seem to be having a problem with my SSL on our ISA server, or I
would like to blame it on our ISA server. But it really baffles me. Whenever
an internal client attempts to browse to an external SSL site, it gets a DNS
error from IE, however when I use my laptop which is not a domain member,
all works fine(which leads me to believe it is not ISA problem). I also have
the same problem accessing our own SSL site from an external site I get the
exact same DNS error which makes me want to blame it on ISA. Nothing else
has changed on the domain. Connections work fine for non SSL communications
so I know it really isn't a really a DNS error. This problem does not make
sense to me at all, does anyone have any suggestions as to where I could
start troubleshooting this? I feel like I would be running myself in
circles. Any help would be appreciated - Marc
Some log captures from attempts to make outbound connections are below.
This is using a domain account:
Original Client IP Client Agent Authenticated Client Service
Server Name Referring Server Destination Host Name Transport
MIME Type Object Source Source Proxy Destination Proxy
Bidirectional Client Host Name Filter Information Network
Interface Raw IP Header Raw Payload Source Port Processing
Time Bytes Sent Bytes Received Result Code HTTP Status Code
Cache Information Error Information Log Record Type Log Time
Destination IP Destination Port Protocol Action Rule
Client IP Client Username Source Network Destination Network HTTP
Method URL
0.0.0.0 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; CAHITS; .NET
CLR 1.1.4322) Yes Proxy GATEKEEPER 159.231.80.214 TCP
Cache - - - - - - 0
1 570 366 0 0x0 0x80 Web Proxy Filter
2005-01-05 21:25:19 45.89.223.130 80 http Allowed Connection
Web 45.89.223.147 CAH-NB\MMapplebeck Internal External
GET http://159.231.80.214/en_ca/images/loginBox/icon_go_over.gif
45.89.223.147 iexplore.exe:3:5.1 GATEKEEPER -
TCP - -
1193 141 0 0 0x0 0x0 0x0 Firewall
2005-01-05 21:25:22 159.231.80.212 443 HTTPS Initiated Connection
Web 45.89.223.147 CAH-NB\MMapplebeck Internal External
- -
45.89.223.147 iexplore.exe:3:5.1 GATEKEEPER -
TCP - -
1193 281 128 128 0x80074e21 0x0 0x0
Firewall 2005-01-05 21:25:22 159.231.80.212 443 HTTPS
Closed Connection Web 45.89.223.147 CAH-NB\MMapplebeck
Internal External - -
45.89.223.147 iexplore.exe:3:5.1 GATEKEEPER -
TCP - -
1191 63471 0 23877 0x80074e24 0x0 0x0
Firewall 2005-01-05 21:26:17 159.231.80.214 80 HTTP
Closed Connection Web 45.89.223.147 CAH-NB\MMapplebeck
Internal External - -
This is using a local machine account:
Original Client IP Client Agent Authenticated Client Service
Server Name Referring Server Destination Host Name Transport
MIME Type Object Source Source Proxy Destination Proxy
Bidirectional Client Host Name Filter Information Network
Interface Raw IP Header Raw Payload Source Port Processing
Time Bytes Sent Bytes Received Result Code HTTP Status Code
Cache Information Error Information Log Record Type Log Time
Destination IP Destination Port Protocol Action Rule
Client IP Client Username Source Network Destination Network HTTP
Method URL
0.0.0.0 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; CAHITS; .NET
CLR 1.1.4322) No Proxy GATEKEEPER
www.txn.banking.pcfinancial.ca TCP - -
- - - - 0 10 1116 256
12209 0x0 0x0 Web Proxy Filter 2005-01-05 21:40:28
45.89.223.130 443 SSL-tunnel Denied Connection
45.89.223.147 anonymous CONNECT
0.0.0.0 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; CAHITS; .NET
CLR 1.1.4322) No Proxy GATEKEEPER
www.txn.banking.pcfinancial.ca TCP - -
- - - - 0 1 531 360
5 0x0 0x0 Web Proxy Filter 2005-01-05 21:40:29
45.89.223.130 443 SSL-tunnel Failed Connection Attempt
45.89.223.147 anonymous CONNECT
0.0.0.0 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; CAHITS; .NET
CLR 1.1.4322) Yes Proxy GATEKEEPER
www.txn.banking.pcfinancial.ca TCP Internet - -
- - - - 0 0 60 0
995 0x0 0x88 Web Proxy Filter 2005-01-05 21:40:29
159.231.80.212 443 SSL-tunnel Failed Connection Attempt Web
45.89.223.147 GATEKEEPER\MMapplebeck Internal External
www.txn.banking.pcfinancial.ca:443
45.89.223.147 iexplore.exe:3:5.1 GATEKEEPER -
TCP - -
1241 40 0 0 0x0 0x0 0x0 Firewall
2005-01-05 21:40:29 159.231.80.212 443 HTTPS Initiated Connection
Web 45.89.223.147 GATEKEEPER\MMapplebeck Internal External
- -
45.89.223.147 iexplore.exe:3:5.1 GATEKEEPER -
TCP - -
1241 131 128 128 0x80074e21 0x0 0x0
Firewall 2005-01-05 21:40:29 159.231.80.212 443 HTTPS
Closed Connection Web 45.89.223.147 GATEKEEPER\MMapplebeck
Internal External - -
_-_-_-_-_-_-_-_-_-
-"During times of universal deceit, telling the truth becomes a
revolutionary act." - George Orwell, 1984
_-_-_-_-_-_-_-_-_-
Marc A. Mapplebeck, MCP/MCDST/N+/A+/CNA
IT Manager, City Animal Hospital Ltd.
Owner, Shutterbug Productions & Consulting
MCP#: 3146827
CompTIA#: COMP001002835054
mmapplebeck@xxxxxxxxxx
Administrator@xxxxxxxxx
_-_-_-_-_-_-_-_-_-
P: 506-471-7044
ICQ: 26743793
Yahoo!: mmapplebeck
MSN: mmapplebeck@xxxxxxxxxx
_-_-_-_-_-_-_-_-_-
This e-mail communication (including any or all attachments) is intended
only for the use of the person or entity to which it is addressed and may
contain confidential and/or privileged material. If you are not the intended
recipient of this e-mail, any use, review, retransmission, distribution,
dissemination, copying, printing, or other use of, or taking of any action
in reliance upon this e-mail, is strictly prohibited. If you have received
this e-mail in error, please contact the sender and delete the original and
any copy of this e-mail and any printout thereof, immediately. Your
co-operation is appreciated.
Le présent courriel (y compris toute pièce jointe) s'adresse uniquement à
son destinataire, qu'il soit une personne ou un organisme, et pourrait
comporter des renseignements privilégiés ou confidentiels. Si vous n'êtes
pas le destinataire du courriel, il est interdit d'utiliser, de revoir, de
retransmettre, de distribuer, de disséminer, de copier ou d'imprimer ce
courriel, d'agir en vous y fiant ou de vous en servir de toute autre façon.
Si vous avez reçu le présent courriel par erreur, prière de communiquer avec
l'expéditeur et d'éliminer l'original du courriel, ainsi que toute copie
électronique ou imprimée de celui-ci, immédiatement. Nous sommes
reconnaissants de votre collaboration.
Other related posts:
