RE: "Failed Connection Attempt" for SSL-tunnel (443) protocol
- From: "Thor \(Hammer of God\)" <thor@xxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 13 Jan 2006 10:09:41 -0800
Every time I see "PMTU discovery" I think of "The Crying Game."
t
-----
"I'll see your Llama and up you a Badger."
John T
----- Original Message -----
From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Friday, January 13, 2006 9:59 AM
Subject: [isalist] RE: "Failed Connection Attempt" for SSL-tunnel (443)
protocol
http://www.ISAserver.org
Try installing the RPC fix and maybe enable PMTU discovery.
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
**Who is John Galt?**
________________________________
From: Jonathon J. Howey [mailto:Jonathon@xxxxxxx]
Sent: Friday, January 13, 2006 11:53 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: "Failed Connection Attempt" for
SSL-tunnel (443) protocol
http://www.ISAserver.org
The ISA server / domain controller has been up for 2 years,
upgraded to SP1 over Christmas holidays. This server with the RPC
problems was also setup over the holidays, joined a workgroup first
during install, performed Windows Updates, updated to Windows 2k3 SP1,
then joined the domain. Didn't notice any RPC problems at all until a
program we installed required MAPI and noticed strange Exchange behavior
when connecting. Installed the KB897716 late yesterday afternoon, fixed
Outlook/Exchange problem, but created a TS RPC Error on logon.
SCW is not installed on either machine. Does that help you more
Amy et al, as it sounds like you thought my server having problems was
an SBS from your questions.
[Jonathon J. Howey]
________________________________
From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
Sent: January 13, 2006 10:38 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: "Failed Connection Attempt" for
SSL-tunnel (443) protocol
http://www.ISAserver.org
Now the truth is coming out. RPC and LDAP can be related
problems. Fix RPC and your LDAP problem will probably also go away. Did
you use the SBS install routine when setting up this server? Did you run
the connect to the Internet wizard when prompted and choose "enable
firewall" therein? Or did skip the wizards and configure it from
scratch?
Amy
________________________________
From: Jonathon J. Howey [mailto:Jonathon@xxxxxxx]
Sent: Friday, January 13, 2006 12:22 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: "Failed Connection Attempt" for
SSL-tunnel (443) protocol
http://www.ISAserver.org
To further clarify, I was having RPC errors on this same
machine, so I went ahead and installed 897716 as the error matches the
error we were
seeing in Exchange, so we installed. Now we've been getting "The
system cannot log you on due to the following error: The RPC
server is unavailable" when trying to RDP in as any user (other than
Domain Admin), and when I run ISA logging, I noticed LDAP is being
refused (also with Kerberos-Sec like I said yesterday, but that was
being blocked before).
________________________________
From: Jonathon J. Howey [mailto:Jonathon@xxxxxxx]
Sent: January 13, 2006 10:10 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: "Failed Connection Attempt" for
SSL-tunnel (443) protocol
http://www.ISAserver.org
Is there any reason why LDAP would be refused now between this
machine and my SBS with ISA? This Apps server is part of the Internal
network range.
Jonathon J. Howey
KPSA Compliance Management Inc.
P 780.409.5620
F 780.409.5621
D 780.409.5628
C 780.965.8363
Jonathon@xxxxxxx
Guiding the Future of Transportation
www.KPSA.ca <http://www.kpsa.ca/>
________________________________
From: Jonathon J. Howey [mailto:Jonathon@xxxxxxx]
Sent: January 12, 2006 1:52 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: "Failed Connection Attempt" for
SSL-tunnel (443) protocol
http://www.ISAserver.org
Yah :-( didn't think it was that big of a deal ; sorry
Jonathon J. Howey
KPSA Compliance Management Inc.
P 780.409.5620
F 780.409.5621
D 780.409.5628
C 780.965.8363
Jonathon@xxxxxxx
Guiding the Future of Transportation
www.KPSA.ca <http://www.kpsa.ca/>
________________________________
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: January 12, 2006 1:26 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: "Failed Connection Attempt" for
SSL-tunnel (443) protocol
http://www.ISAserver.org
WHOA.
Are you saying this is ISA on SBS?
That's quite different and a "oh by the way, how was the play
Mrs. Lincoln" moment :)
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://spaces.msn.com/members/drisa/
<http://spaces.msn.com/members/drisa/>
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: Jonathon@xxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
thor@xxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
