http://www.ISAserver.org ------------------------------------------------------- The setting for connection limit was 160 but I had suspected this to the problem so I created a custome limit of 1000 for my IP address but still had the same problems. I will update the global limit to 200 and see what happens. I will also test it with no connection limits and report back. Thanks Andy -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison Sent: Friday, 21 July 2006 11:34 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: SSL Sites http://www.ISAserver.org ------------------------------------------------------- This is a good reference for anyone lerning to use the logs: http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/logging-best- practices.mspx FWLog: ISA 12/07/2006 10:12:11 TCP 10.10.10.100:1062 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:15 TCP 10.10.10.100:1062 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:21 TCP 10.10.10.100:1062 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:11 TCP 10.10.10.100:1063 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:15 TCP 10.10.10.100:1063 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:21 TCP 10.10.10.100:1063 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:33 TCP 10.10.10.100:1096 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:36 TCP 10.10.10.100:1096 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:42 TCP 10.10.10.100:1096 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:33 TCP 10.10.10.100:1097 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:36 TCP 10.10.10.100:1097 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:42 TCP 10.10.10.100:1097 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:33 TCP 10.10.10.100:1098 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:36 TCP 10.10.10.100:1098 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:42 TCP 10.10.10.100:1098 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:33 TCP 10.10.10.100:1099 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:36 TCP 10.10.10.100:1099 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 ISA 12/07/2006 10:12:42 TCP 10.10.10.100:1099 10.10.10.10:8080 10.10.10.100 Internal Local Host Denied 0x80074e23 - Unidentified IP Traffic 0 0 0 0 - - - - 0 0 In the WP log, you have a very few authentication failures (12209); but more importantly, the FW log shows a clear case of connection limits to the web proxy listener. I hit the same problem with some online courses. Up the connection limits to 200 and see if that helps. Jim Harrison jim@xxxxxxxxxxxx www.isatools.org Sent using Vista Beta 2 and Office 12 Beta 2 (aincha jealous?) -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andy Haigh Sent: Friday, July 21, 2006 2:39 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: SSL Sites Please see attached, this is the whole process of going to the banking site and then it finally just times out. The ip address of the banking site are 203.57.240.103 and 203.57.241.103 IE is configured with the details of the isa server in the Proxy settings on each machine and uses port 8080 for everything. Any help would be appreciated. Thanks -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison Sent: Thursday, 20 July 2006 11:56 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: SSL Sites http://www.ISAserver.org ------------------------------------------------------- We need to see the log entries related to the failed connections. Not the interpretations or summaries; the log entries themselves. Please limit the log query to only the host that you tested with. Jim Harrison jim@xxxxxxxxxxxx www.isatools.org Sent using Vista Beta 2 and Office 12 Beta 2 (aincha jealous?) -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andy Haigh Sent: Wednesday, July 19, 2006 7:34 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: SSL Sites http://www.ISAserver.org ------------------------------------------------------- The site is the online banking site at http://www.national.com.au which takes you to https://ib.national.com.au but unless you have an account with the National that's as far as you will get. I have the log files from which I have replaced the internal information and would be happy to post them or email direct if that would help. Thanks Andy -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder Sent: Thursday, 20 July 2006 10:30 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: SSL Sites http://www.ISAserver.org ------------------------------------------------------- You knowing what they are doesn't help anyone here figure out what the problem is. Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andy Haigh > Sent: Wednesday, July 19, 2006 6:00 PM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: SSL Sites > > http://www.ISAserver.org > ------------------------------------------------------- > > I know what that is, I have just captured log info for just accessing > that SSL banking site. What I am not sure of is what I am looking for > in the log file itself! > > Thanks > > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx > [mailto:isalist-bounce@xxxxxxxxxxxxx] > On Behalf Of Thomas W Shinder > Sent: Thursday, 20 July 2006 3:46 AM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: SSL Sites > > http://www.ISAserver.org > ------------------------------------------------------- > > URLs to the problematic sites? > > Thomas W Shinder, M.D. > Site: www.isaserver.org > Blog: http://blogs.isaserver.org/shinder/ > Book: http://tinyurl.com/3xqb7 > MVP -- ISA Firewalls > > > > > -----Original Message----- > > From: isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andy Haigh > > Sent: Wednesday, July 19, 2006 3:24 AM > > To: isalist@xxxxxxxxxxxxx > > Subject: [isalist] Re: SSL Sites > > > > http://www.ISAserver.org > > ------------------------------------------------------- > > > > Ok I have some log file details of the process but I am not really > > sure what I am looking for?? > > > > Should I be looking at both info from the FWC and WEB logs > or just one > > > of them? > > > > Thanks > > > > -----Original Message----- > > From: isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] > > On Behalf Of Jim Harrison > > Sent: Tuesday, 11 July 2006 11:38 PM > > To: isalist@xxxxxxxxxxxxx > > Subject: [isalist] Re: SSL Sites > > > > http://www.ISAserver.org > > ------------------------------------------------------- > > > > What you'll have to do is examine the ISA logs for that same time > > frame and originating from the test client. > > The ISA logs should be very informative, but since you > can't discern > > the links from the pages, you have to do a bit of sleuthing of your > > own. > > Once you determine what requests to that bank are failing, we can > > determine what action to take (if any). > > > > ------------------------------------------------------- > > Jim Harrison > > MCP(NT4, W2K), A+, Network+, PCG > > http://isaserver.org/Jim_Harrison/ > > http://isatools.org > > Read the help / books / articles! > > ------------------------------------------------------- > > > > > > -----Original Message----- > > From: isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] > > On Behalf Of Andy Haigh > > Sent: Tuesday, July 11, 2006 05:12 > > To: isalist@xxxxxxxxxxxxx > > Subject: [isalist] Re: SSL Sites > > > > http://www.ISAserver.org > > ------------------------------------------------------- > > > > There are some "javascript()" links and some are just pictures. > > > > It's odd though it works fine for a few pages then goes > wrong. There > > is the "Error on page" message at the bottom left of the > page as well > > or the exclamation mark on the yellow traffic sign. Once this has > > happened it becomes really slow and then times out. > > > > -----Original Message----- > > From: isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] > > On Behalf Of Jim Harrison > > Sent: Tuesday, 4 July 2006 12:09 AM > > To: isalist@xxxxxxxxxxxxx > > Subject: [isalist] Re: SSL Sites > > > > http://www.ISAserver.org > > ------------------------------------------------------- > > > > Do this: > > 1. hover over the broken links - what is the URL shown in > the status > > bar? > > 2. if it's not a "javascript()" link, use that information to scan > > your ISA log for rejections or connection problems. > > > > > > ------------------------------------------------------- > > Jim Harrison > > MCP(NT4, W2K), A+, Network+, PCG > > http://isaserver.org/Jim_Harrison/ > > http://isatools.org > > Read the help / books / articles! > > ------------------------------------------------------- > > > > > > -----Original Message----- > > From: isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] > > On Behalf Of Andy Haigh > > Sent: Monday, July 03, 2006 00:58 > > To: isalist@xxxxxxxxxxxxx > > Subject: [isalist] SSL Sites > > > > Hi All, > > I am having a hugh number of problems with https banking > sites through > > > ISA 2004. > > > > The server is W2K3 SP1 Standard with ISA 2004 SP2 Standard, all > > patches installed via Microsoft Update. > > > > Everything works fine to the internet when just browsing > normal http > > sites but as soon as I go to any sites that require https > access I get > > > problems. Parts of the site (pictures, icons) don't get > downloaded and > > > just have the red x where they should be, pages timeout, displayed > > with wrong font, page is displayed but with the error icon at the > > bottom left of IE. > > > > If I plug into the otherside of the firewall everything works fine. > > > > Anyone have any suggestions. > > > > Thanks > > > > Andy > > > > > > All mail to and from this domain is GFI-scanned. > > > > ------------------------------------------------------ > > List Archives: //www.freelists.org/archives/isalist/ > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server Articles and Tutorials: > > http://www.isaserver.org/articles_tutorials/ > > ISA Server Blogs: http://blogs.isaserver.org/ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > ------------------------------------------------------ > > List Archives: //www.freelists.org/archives/isalist/ > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server Articles and Tutorials: > > http://www.isaserver.org/articles_tutorials/ > > ISA Server Blogs: http://blogs.isaserver.org/ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > All mail to and from this domain is GFI-scanned. > > > > ------------------------------------------------------ > > List Archives: //www.freelists.org/archives/isalist/ > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server Articles and Tutorials: > > http://www.isaserver.org/articles_tutorials/ > > ISA Server Blogs: http://blogs.isaserver.org/ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > ------------------------------------------------------ > > List Archives: //www.freelists.org/archives/isalist/ > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server Articles and Tutorials: > > http://www.isaserver.org/articles_tutorials/ > > ISA Server Blogs: http://blogs.isaserver.org/ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > > ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx