Create two listeners; one using HTTP (TCP:80) and the other using HTTPS (TCP:443). Set the HTTP listener to be anonymous and the SSL listener to use authentication. Uncheck "require authentication" on both. Use your rules to determine what, if any authentication is required. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! -----Original Message----- From: William Holmes [mailto:wtholmes@xxxxxxxxxxxxxx] Sent: Saturday, December 18, 2004 7:22 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Auto Switching to SSL connection http://www.ISAserver.org Hello, Thease are very handy but they don't do quite what I want. The problem is that ISA is still requesting a password before it will display the page and generate the error. I want to go to SSL prior to ISA prompting for a password. user requests http://myserver/securpage redirect --> https://myserver/securepage prompt for credentials. What happens now: user requests http://myserver/securepage prompt for credentials error is generated the scripts you pointed me to re-direct --> https://myserver/securepage The other issue is that I would like to be able to give out direct links things like http://myserver/securepage/foo/bar/ and have it first redirected to https://myserver/securepage/foo/bar. The issue is that users who browse this site from and internal network don't get prompted for passwords. Those who browse from outside do. I want the authentication handshake to be in SSL. I am using Radius so the passwords between the client and the isa server are running in the clear unless I use ssl. Any suggestions? Thanks Bill -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Saturday, December 18, 2004 1:02 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Auto Switching to SSL connection http://www.ISAserver.org http://isatools.org/isa_redirects.zip includes two separate examples and a set of instructions on how to use each. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! -----Original Message----- From: William Holmes [mailto:wtholmes@xxxxxxxxxxxxxx] Sent: Friday, December 17, 2004 8:49 PM To: [ISAserver.org Discussion List] Subject: [isalist] Auto Switching to SSL connection http://www.ISAserver.org Hello, With ISA 2004 is there a way to configure a rule that will switch the user to ssl ? What I would like is requests for http://mysite.com/foo to be swithced to https://mysite.com/foo. I don't see any obvious way to do this. The reason for doing this is that the publishing rule is setup for authentication and I obviously would like that to be secure. So I would like the SSL switch to take place before the authentication. Thanks Bill William Holmes (MCP) Department of Computer Science 310 Upson Hall Cornell University Ithaca, NY 14853 wtholmes@xxxxxxxxxxxxxx 607 255-1757 (o) 607 227-6049 (c) ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: wtholmes@xxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned.