[isalist] Re: HTTPS Connectivity Issue

  • From: Jim Harrison <Jim@xxxxxxxxxxxx>
  • To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 10 Sep 2008 11:23:22 -0700


Nope; if you want the whole thing, you have to run Netmon at the ISA on both 
interfaces.
No single endpoint can capture a conversation across an intermediate device.

You can send to me or the list...

Jim

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Jerry Young
Sent: Wednesday, September 10, 2008 10:29 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: HTTPS Connectivity Issue

Jim,

Fair enough.  If I run the capture on the client, that should catch the full 
conversation, yes?  Should I enable conversations in the capture?  Also, once 
captured, do I just attach the file and send back to the list?  I know others 
have exchanged captures before but I don't recall seeing those attachments on 
the messages sent to the list.

Sorry for the silly questions.


On Wed, Sep 10, 2008 at 1:12 PM, Jim Harrison <Jim@xxxxxxxxxxxx> wrote:


        The logs don't say that the server aborted the connection; they say 
"someone" did.

        Only a network capture will help you determine which of the three 
entities aborted the connection.



        Jim



        From: isalist-bounce@xxxxxxxxxxxxx 
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Jerry Young
        Sent: Wednesday, September 10, 2008 8:25 AM
        To: isalist@xxxxxxxxxxxxx
        Subject: [isalist] HTTPS Connectivity Issue



        I created a simple server publishing rule in ISA Server 2006 that is 
configured to allow HTTPS traffic that hits the ISA Server's external IP 
address to access a server providing Secure FTP services (configured to use 
port 443, at any rate - and yes I know about 990 and 22).  However, when I 
attempt to connect, I get the following results.



        Field                 Record 1                     Record 2
        --------------------  ---------------------------  ----------------------------------
        Original Client IP    172.16.9.69                  172.16.9.69
        Transport             TCP                          TCP
        GMT Log Time          9/10/2008 3:16:11 PM         9/10/2008 3:16:11 PM
        Source Port           33867                        33867
        Processing Time       0                            31
        Bytes Sent            0                            206
        Bytes Received        0                            88
        Cache Information     0x0                          0x0
        Error Information     0x0                          0x0
        Log Time              9/10/2008 11:16:11 AM        9/10/2008 11:16:11 AM
        Client IP             172.16.9.69                  172.16.9.69
        Destination IP        10.3.0.40                    10.3.0.40
        Destination Port      443                          443
        Protocol              HTTPS Server                 HTTPS Server
        Action                Initiated Connection         Closed Connection
        Rule                  Corporate Secure FTP Access  Corporate Secure FTP Access
        Result Code           0x0 ERROR_SUCCESS            0x80074e21 FWX_E_ABORTIVE_SHUTDOWN
        Source Network        External                     External
        Destination Network   Perimeter                    Perimeter
        Server Name           HVW2K3ISA01                  HVW2K3ISA01
        Log Record Type       Firewall                     Firewall

        (Blank or "-" in both records: Client Agent, Authenticated Client, 
        Service, Referring Server, Destination Host Name, HTTP Method, MIME Type, 
        Object Source, Source Proxy, Destination Proxy, Bidirectional, 
        Client Host Name, Filter Information, Network Interface, Raw IP Header, 
        Raw Payload, Authentication Server, HTTP Status Code, Client Username, URL)



        Might anyone know why the firewall is aborting the connection?



        I have a similar server publishing rule (uses FTP instead of HTTPS) 
that works.  The only difference between the two is the protocol that's allowed.



        Also, the ERROR_SUCCESS issue perplexes me because of the paradox those 
two words together present. :)

        --
        Cordially yours,
        Jerry G. Young II
        Microsoft Certified Systems Engineer




--
Cordially yours,
Jerry G. Young II
Microsoft Certified Systems Engineer
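
Added example (not part of the original thread): a sketch of the reasoning behind capturing at the ISA on both interfaces, using constructed packet records rather than real Netmon output. It assumes 10.3.0.40 is the published server, that the ISA preserves the client source IP toward the server, and uses 192.0.2.10 as a placeholder for the ISA external IP.

```python
from collections import namedtuple

# Simplified packet record: capture time (s), capturing interface, IPs, TCP flags.
Pkt = namedtuple("Pkt", "t iface src dst flags")

CLIENT = "172.16.9.69"    # client IP from the log in the thread
SERVER = "10.3.0.40"      # assumed to be the published server
ISA_EXT = "192.0.2.10"    # constructed placeholder for the ISA external IP

def origin(pkt):
    """Who put this packet on the wire, as seen from the ISA's interfaces."""
    if pkt.iface == "external":
        return "client" if pkt.src == CLIENT else "isa"
    return "server" if pkt.src == SERVER else "isa"

def who_aborted(packets):
    """Attribute the first TCP reset to client, server or ISA.

    Returns 'undetermined' when the first reset was emitted by the ISA but
    one interface is missing, because the capture cannot show whether the
    ISA was relaying a reset that arrived on the other side.
    """
    ifaces = {p.iface for p in packets}
    resets = sorted((p for p in packets if "R" in p.flags), key=lambda p: p.t)
    if not resets:
        return "no-reset-seen"
    first = origin(resets[0])
    if first == "isa" and ifaces != {"external", "internal"}:
        return "undetermined"
    return first

def only(iface, packets):
    """Simulate a capture taken on a single interface."""
    return [p for p in packets if p.iface == iface]

# Constructed sample traffic (both captures share the ISA's clock).
HANDSHAKE = [
    Pkt(0.000, "external", CLIENT, ISA_EXT, "S"),
    Pkt(0.001, "internal", CLIENT, SERVER, "S"),
    Pkt(0.002, "internal", SERVER, CLIENT, "SA"),
    Pkt(0.003, "external", ISA_EXT, CLIENT, "SA"),
]
SERVER_ABORTS = HANDSHAKE + [
    Pkt(0.030, "internal", SERVER, CLIENT, "RA"),   # reset arrives from server
    Pkt(0.031, "external", ISA_EXT, CLIENT, "RA"),  # ISA relays it to client
]
ISA_ABORTS = HANDSHAKE + [
    Pkt(0.030, "internal", CLIENT, SERVER, "R"),    # ISA resets the server leg
    Pkt(0.030, "external", ISA_EXT, CLIENT, "R"),   # and the client leg
]
```

On the external interface alone, the two cases look identical: a reset from the ISA's address toward the client.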
