TOO LATE.. I called the KGB already.... ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew English Sent: Thursday, May 04, 2006 1:51 PM To: isalist@xxxxxxxxxxxxx Subject: RE: [isalist] Re: 2 be or not 2 be? (Ah Crap) AH Crap.. It pays to read your stuff before you post it.. MY BAD.. I honestly meant to say "I am not a racist".. (kicking myself for saying it the other way). Please excuse my dyslexic typing I seriously do apologize if I offended anyone. Regards, Andrew ________________________________ From: isalist-bounce@xxxxxxxxxxxxx on behalf of Neil Cassidy Sent: Thu 04/05/2006 1:18 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: 2 be or not 2 be? "FYI, I am racist in anyway when it comes to Russians " and I used to think you were misunderstood. You are a major buttwipe. I would love to bump into you someday. Anyone who helps this idiot is a fool. ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew English Sent: Thursday, May 04, 2006 1:02 PM To: isalist@xxxxxxxxxxxxx Subject: 2 be or not 2 be? Hi Everyone remember me?? :) I am sure these guys before me who are Russian had good intentions when they put this network together but they sure a hell messed it up. :( For starters the web site which has SSL has been plagued with issues, one which from the web side when you access the managers site and click on their real-time java application it opens a window and java starts up but then the applet shows a red X. If you open the site locally on the LAN side and go to the managers site (not using SSL) and open real-time the applet works without any issues. Next they have apache on the DMZ taking http of the site and converting it to https (the certs are stored on the Linux box and there aren't any certs installed on IIS or Exchange) and are also redirecting URL requests on the site to the actual application server which runs on the LAN side on Windows 2003 Server as 192.168.1.10:8082, if I HTTP locally to the full URL with PORT number I get "page can not be displayed", plus to top it off the site works perfectly except for the Exchange link because its not pointed right on the LAN side without the SSL or redirecting the pages to port 8082. So my question now is as I am going to through this lame WatchGuard firewall looking at their rules I notice they block a gazillion of IP addresses and Ranges from SMTP, then to make it more archaic because the SMTP and IMAP come into the second Linux box on the DMZ then pass through to the Exchange server, and funny Exchange passes SMTP back to the Linux box, they also block the same gazillion IP addresses and ranges between the Linux and the Exchange server. I am wondering if I should also port the IPs into ISA into one rule or add them to IMF which I am going to install them for them once ISA is ready to go? Can someone tell me if there is a cheaper SSL service on the net? Their only SSL cert currently is hosted by Network Solutions, and ideally I am thinking since they don't transfer and confidential information when clients login such as credit card numbers etc that if I can't find a cheaper SSL cert service request NS to reissue the cert as owa.domain.com so I can then apply it to the OWA Exchange site keeping the stock site as HTTP, and maybe do RPC over HTTP for them since they have sale people on the road with notebooks. FYI, I am racist in anyway when it comes to Russians I find it very funny that ones I have met over the years or heard about think more about job security then they do about doing the job right. I am sure there are a lot of hard working Russian people out there who are honest! Regards, Andrew