[isalist] Re: Anyone with experience getting F5 Network's Firepass to work through ISA 2004

  • From: "Steve Moffat" <steve@xxxxxxxxxx>
  • To: "ISA Mailing List" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 7 Aug 2007 17:59:45 -0300

Why would you create a rule on ISA to allow protocols which would be
travelling over  a vpn??



ISA cannot inspect outgoing VPN traffic???



Have you allowed pptp etc from the internal host to the GS ipaddress?



S



From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Chris Addicks
Sent: Tuesday, August 07, 2007 3:23 PM
To: ISA Mailing List
Subject: [isalist] Anyone with experience getting F5 Network's Firepass
to work through ISA 2004



I have internal clients that need to access the state of Georgia's
secure site via a SSL-VPN.  The state has chosen to use F5 Network's
Firepass product to create a SSL-VPN.  The tunnel seems to be created
OK, but communications with the host via the tunnel is very
inconsistent.  I have been trying to work with the state's support
personnel and they have tried to help, but so far we have had very poor
results.



At this point, I don't know if the problem is on their end or mine.  I
created a rule allowing HTTP and HTTPS from my internal network to their
specific hosts, with all users allowed.  The logs indicate the tunnel is
established, but it is closed almost immediately.  I have attached a
sample of the log, all this activity is from a single internal client
computer trying to establish and use the SSL-VPN.



Anyone else working with Firepass and having success?



Chris



Other related posts: