[isalist] Re: 2 be or not 2 be? (Ah Crap)
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Thu, 4 May 2006 14:43:24 -0500
Or Captain Crazy Ivan :)
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat
Sent: Thursday, May 04, 2006 2:20 PM
To: ISA Mailing List
Subject: [isalist] Re: 2 be or not 2 be? (Ah Crap)
That would make you comrade Pugwash then?
J
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder
Sent: Thursday, May 04, 2006 2:47 PM
To: ISA Mailing List
Subject: [isalist] Re: 2 be or not 2 be? (Ah Crap)
That's good. My paternal grandparents came over the boat from
the Old Country.
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew English
Sent: Thursday, May 04, 2006 12:51 PM
To: isalist@xxxxxxxxxxxxx
Subject: RE: [isalist] Re: 2 be or not 2 be? (Ah Crap)
AH Crap.. It pays to read your stuff before you post
it.. MY BAD.. I honestly meant to say "I am not a racist".. (kicking
myself for saying it the other way). Please excuse my dyslexic typing I
seriously do apologize if I offended anyone.
Regards,
Andrew
________________________________
From: isalist-bounce@xxxxxxxxxxxxx on behalf of Neil
Cassidy
Sent: Thu 04/05/2006 1:18 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: 2 be or not 2 be?
"FYI, I am racist in anyway when it comes to Russians "
and I used to think you were misunderstood. You are a
major buttwipe. I would love to bump into you someday. Anyone who
helps this idiot is a fool.
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew English
Sent: Thursday, May 04, 2006 1:02 PM
To: isalist@xxxxxxxxxxxxx
Subject: 2 be or not 2 be?
Hi Everyone remember me?? :)
I am sure these guys before me who are Russian had good
intentions when they put this network together but they sure a hell
messed it up. :(
For starters the web site which has SSL has been plagued
with issues, one which from the web side when you access the managers
site and click on their real-time java application it opens a window and
java starts up but then the applet shows a red X. If you open the site
locally on the LAN side and go to the managers site (not using SSL) and
open real-time the applet works without any issues.
Next they have apache on the DMZ taking http of the site
and converting it to https (the certs are stored on the Linux box and
there aren't any certs installed on IIS or Exchange) and are also
redirecting URL requests on the site to the actual application server
which runs on the LAN side on Windows 2003 Server as 192.168.1.10:8082,
if I HTTP locally to the full URL with PORT number I get "page can not
be displayed", plus to top it off the site works perfectly except for
the Exchange link because its not pointed right on the LAN side without
the SSL or redirecting the pages to port 8082.
So my question now is as I am going to through this lame
WatchGuard firewall looking at their rules I notice they block a
gazillion of IP addresses and Ranges from SMTP, then to make it more
archaic because the SMTP and IMAP come into the second Linux box on the
DMZ then pass through to the Exchange server, and funny Exchange passes
SMTP back to the Linux box, they also block the same gazillion IP
addresses and ranges between the Linux and the Exchange server. I am
wondering if I should also port the IPs into ISA into one rule or add
them to IMF which I am going to install them for them once ISA is ready
to go?
Can someone tell me if there is a cheaper SSL service on
the net? Their only SSL cert currently is hosted by Network Solutions,
and ideally I am thinking since they don't transfer and confidential
information when clients login such as credit card numbers etc that if I
can't find a cheaper SSL cert service request NS to reissue the cert as
owa.domain.com so I can then apply it to the OWA Exchange site keeping
the stock site as HTTP, and maybe do RPC over HTTP for them since they
have sale people on the road with notebooks.
FYI, I am racist in anyway when it comes to Russians I
find it very funny that ones I have met over the years or heard about
think more about job security then they do about doing the job right. I
am sure there are a lot of hard working Russian people out there who are
honest!
Regards,
Andrew
Other related posts:
