[isalist] HTTPS Connectivity Issue

  • From: "Jerry Young" <jerrygyoungii@xxxxxxxxx>
  • To: isalist@xxxxxxxxxxxxx
  • Date: Wed, 10 Sep 2008 11:24:55 -0400

I created a simple server publishing rule in ISA Server 2006 that is
configured to allow HTTPS traffic that hits the ISA Server's external IP
address to access a server providing Secure FTP services (configured to use
port 443, at any rate - and yes I know about 990 and 22).  However, when I
attempt to connect, I get the following results.
Original Client IP Client Agent Authenticated Client Service Referring
Server Destination Host Name Transport HTTP Method MIME Type Object
Source Source
Proxy Destination Proxy Bidirectional Client Host Name Filter
Information Network
Interface Raw IP Header Raw Payload GMT Log Time Source Port
Processing Time Bytes
Sent Bytes Received Cache Information Error Information Authentication
Server Log Time Client IP Destination IP Destination Port Protocol Action
Rule Result Code HTTP Status Code Client Username Source Network Destination
Network URL Server Name Log Record Type
172.16.9.69 - TCP - - - 9/10/2008 3:16:11 PM 33867 0 0 0 0x0 0x0 - 9/10/2008
11:16:11 AM 172.16.9.69 10.3.0.40 443 HTTPS Server Initiated
Connection Corporate
Secure FTP Access 0x0 ERROR_SUCCESS External Perimeter - HVW2K3ISA01
Firewall
172.16.9.69 - TCP - - - 9/10/2008 3:16:11 PM 33867 31 206 88 0x0 0x0 -
9/10/2008
11:16:11 AM 172.16.9.69 10.3.0.40 443 HTTPS Server Closed Connection Corporate
Secure FTP Access 0x80074e21 FWX_E_ABORTIVE_SHUTDOWN External Perimeter -
HVW2K3ISA01 Firewall

Might anyone know why the firewall is aborting the connection?

I have a similar server publishing rule (uses FTP instead of HTTPS) that
works.  The only difference between the two is the protocol that's allowed.

Also, the ERROR_SUCCESS issue perplexes me because of the paradox those two
words together present. :)
-- 
Cordially yours,
Jerry G. Young II
Microsoft Certified Systems Engineer

Other related posts: