http://www.ISAserver.org ------------------------------------------------------- A1 - you must not use name-based destination in a rule that includes "all protocols". Name-based rules are ONLY for HTTP and HTTPS. A2 - you cannot use URL sets for SSL connections because unlike CERN HTTP and CERN FTP traffic, ISA never has access to the entire URL for HTTPS tunnels. You can create two rules: 1. allow HTTP/HTTPS from to specific destinations 2. deny all JimmyJoeBob Alooba Office 2007 on Win7 Beta -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Tom Rogers Sent: Friday, January 30, 2009 9:12 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Access Rule Issue... http://www.ISAserver.org ------------------------------------------------------- I am using ISA 2006 SP-1 on a W2K3 SP1 server. I created an access rule for a specific user that denies all traffic from internal to external, except a list of a few websites that I put into a URL Set. This works just fine, except when it comes to accessing https websites and I cannot figure it out. If the user tries to go to any website outsite of the URL Set contents, I redirect to a custom page stating that the website is not allowed from this computer. For example, if the user tries to go to cnn.com, my custom denial page displays. But with the HTTPS sites failure for the allowed sites, it does not go to my custom page, but just tells me IE cannot display the webpage. For example - in my URL Set I have a website HTTP://WWW.EXCELLUSBCBS.COM/* but when you go to this root website it changes to https://www.excellusbcbs.com/wps/portal/xl in a web browser. So then I put that new address into my URL Set as well. I don't get the redirect page, but I just get an error stating IE cannot display the webpage. Why is this? I have allowed that specific URL in my URL Set. TIA, -Tom Rogers ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx