RE: FW: https through 2 ISA firewall help me please

  • From: "Terzano, Thierry" <Thierry.Terzano@xxxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 25 Oct 2002 18:38:14 +0200

I receive that:

-----
The page cannot be displayed 
There is a problem with the page you are trying to reach and it cannot be 
displayed. 

Please try the following:

Click the Refresh button, or try again later.

Open the sptgt01.softplumbers.com home page, and then look for links to the 
information you want. 
If you believe you should be able to view this directory or page, please 
contact the Web site administrator by using the e-mail address or phone number 
listed on the sptgt01.softplumbers.com home page. 

500 Internal Server Error - The target principal name is incorrect. 
(-2146893022)
Internet Security and Acceleration Server 
-----

Is somebody here that have an idea???

Thierry


-----Original Message-----
From: Terzano, Thierry 
Sent: Friday, 25 October 2002 10:37
To: [ISAserver.org Discussion List]
Subject: [isalist] FW: https through 2 ISA firewall help me please


http://www.ISAserver.org


Please Help...

Thierry

I sent it yesterday, but no answer, so has someone any idea?

---
Hi,

I try since 2 days to reach a web site www.abc.com under https across 2 ISA 
firewall that are in 2 different domains.

I show you my configuration:

I pass the url: https://www.abc.com/titi.htm in a IE.

www.abc.com is known on public dns as an public IP address xxx.yyy.zzz.ttt

My first ISA listens on this address (xxx.yyy.zzz.ttt) via dns name www.abc.com 
AND the certificate installed for securise www.abc.com site is installed as a 
local certificate (imported) on this ISA firewall. It is configured to enable 
SSL port 443 on it, and for this connection, use the certificate previously 
installed on the ISA firewall.

My action on this first ISA is to redirect the request to an internal machine 
(dns name) that is known on my internal DNS server. So it's redirected to the 
internel address aaa.bbb.ccc.ddd but the I keep the original host header and I 
don't bridge SSL (port 443).

The second ISA server is configured to listen on aaa.bbb.ccc.ddd ip address via 
its internal dns name www.abc.com because the same certificate (than the one 
installed on web site and first firewall) is installed on this second ISA.

This second ISA is configured like the first ISA. It listens on the internal 
address and redirect to another internal one on its domain.

Here is theory... but practically, I am not able to have an answer... always 
errors from ISA, so can you please help meeeee (:(

Thierry

---

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
thierry.terzano@xxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


Other related posts: