[isalist] Re: Anyone with experience getting F5 Network's Firepass to work through ISA 2004
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Wed, 8 Aug 2007 06:15:49 -0700
Ask if they use source-IP to validate the user connection.
Many banking sites still do this, even though it's invalid.
Because the connection uses an SSL tunnel through ISA, all ISA knows is
that the connection is made & broken.
You'll have to work with them live to sort this out.
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Chris Addicks
Sent: Tuesday, August 07, 2007 11:23 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Anyone with experience getting F5 Network's Firepass
to work through ISA 2004
I have internal clients that need to access the state of Georgia's
secure site via a SSL-VPN. The state has chosen to use F5 Network's
Firepass product to create a SSL-VPN. The tunnel seems to be created
OK, but communications with the host via the tunnel is very
inconsistent. I have been trying to work with the state's support
personnel and they have tried to help, but so far we have had very poor
results.
At this point, I don't know if the problem is on their end or mine. I
created a rule allowing HTTP and HTTPS from my internal network to their
specific hosts, with all users allowed. The logs indicate the tunnel is
established, but it is closed almost immediately. I have attached a
sample of the log, all this activity is from a single internal client
computer trying to establish and use the SSL-VPN.
Anyone else working with Firepass and having success?
Chris
All mail to and from this domain is GFI-scanned.
Other related posts:
