RE: Connection Issue

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Mon, 1 Sep 2003 11:25:00 -0500

Hi Eric,
 
If they only use 80 and 443, then there should be no problem. I connect
to my banks using SSL and never have a problem.
 
SSL bridging isn't an issue for outbound requests (unless you're using
Web Proxy chaining) because you can't connect a browser client to the
Outgoing Web Requests listener using SSL (would be a great feature,
though).
 
SSL bridging in only an issue for inbound requests. That allows the
firewall to examine the contents of inbound SSL connection for malicious
content/commands.
 
So, on a pure protocol basis, I don't see where ISA would be a problem.
However, they might be using some funky Java code that could be causing
problems.
 
HTH,
Tom
 
Thomas W Shinder
www.isaserver.org/shinder <http://www.isaserver.org/shinder>  
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
<http://tinyurl.com/1llp> 

 

        -----Original Message-----
        From: Eric Poole [mailto:EPoole@xxxxxxxxxxxxxxxxxxxx] 
        Sent: Friday, August 29, 2003 2:05 PM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] RE: Connection Issue
        
        
        http://www.ISAserver.org
        
        

        A thank you to all (even the wisenheimers!).  Discussions have
begun with our network team using the input provided here as baseline
issues.  Thanks again!

        Let me add something, I just read -
http://www.isaserver.org/tutorials/Understanding_SSL_bridging_and_tunnel
ing_within_ISA.html
<http://www.isaserver.org/tutorials/Understanding_SSL_bridging_and_tunne
ling_within_ISA.html>  - and one of our issues is connecting to a
specific site that uses https.  All that they say is needed is port 80
and 443.  Yet the darn thing keeps timing out/locking up!  We have
multiple banking sites that we use that do not have issues...could ISA
be the problem?  Vendor states that they have read about known issues
with ISA and SSL?  They couldn't provide any links and I haven't been
able to find them.  Any thoughts?

        Eric Poole

        IS Security Analyst

        Community Medical Centers <http://communitymedical.org/> 

        1140 "T" Street, Fresno, California  93721

        559-459-6784 (phone)  559-459-2045 (fax)

        

Other related posts:

• » Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue
• » RE: Connection Issue

1. Home
2. isalist
3. Archive
4. 09-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---