Tom, I'm wondering if I created a Perimeter network consisting of my internal server and the server I'm trying to access over 443, if it will work? Jonathon J. Howey KPSA Compliance Management Inc. P 780.409.5620 F 780.409.5621 D 780.409.5628 C 780.965.8363 Jonathon@xxxxxxx Guiding the Future of Transportation www.KPSA.ca <http://www.kpsa.ca/> ________________________________ From: Jonathon J. Howey [mailto:Jonathon@xxxxxxx] Sent: January 12, 2006 10:20 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: "Failed Connection Attempt" for SSL-tunnel (443) protocol http://www.ISAserver.org I'm told port 443 is bi-directional and port 80 is one-time only. Jonathon J. Howey KPSA Compliance Management Inc. P 780.409.5620 F 780.409.5621 D 780.409.5628 C 780.965.8363 Jonathon@xxxxxxx Guiding the Future of Transportation www.KPSA.ca <http://www.kpsa.ca/> ________________________________ From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: January 12, 2006 10:00 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: "Failed Connection Attempt" for SSL-tunnel (443) protocol http://www.ISAserver.org Hi Jonathan, OK, we really need to know if this is an inbound or outbound access issue because even starting the discussion. Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls **Who is John Galt?** ________________________________ From: Jonathon J. Howey [mailto:Jonathon@xxxxxxx] Sent: Thursday, January 12, 2006 10:38 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: "Failed Connection Attempt" for SSL-tunnel (443) protocol http://www.ISAserver.org It's on a different server than ISA and my other port 80/443 applications that ISA publishes; it talks back and forth to the vendor's server over port 80/443 but when I monitor in ISA, it gives me the failed connection attempt error all the time (failing handshake?). Jonathon J. Howey KPSA Compliance Management Inc. P 780.409.5620 F 780.409.5621 D 780.409.5628 C 780.965.8363 Jonathon@xxxxxxx Guiding the Future of Transportation www.KPSA.ca <http://www.kpsa.ca/> ________________________________ From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: January 12, 2006 9:27 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: "Failed Connection Attempt" for SSL-tunnel (443) protocol http://www.ISAserver.org Hi Jonathon, You don't publish servers making primary outbound connections. That's what access rules are for. What device is making the primary connection? Thanks! Tom Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls **Who is John Galt?** ________________________________ From: Jonathon J. Howey [mailto:Jonathon@xxxxxxx] Sent: Thursday, January 12, 2006 10:11 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: "Failed Connection Attempt" for SSL-tunnel (443) protocol http://www.ISAserver.org Doesn't anyone know? or do people just hate me Jonathon J. Howey KPSA Compliance Management Inc. P 780.409.5620 F 780.409.5621 D 780.409.5628 C 780.965.8363 Jonathon@xxxxxxx Guiding the Future of Transportation www.KPSA.ca <http://www.kpsa.ca/> ________________________________ From: Jonathon J. Howey [mailto:Jonathon@xxxxxxx] Sent: January 11, 2006 3:40 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: "Failed Connection Attempt" for SSL-tunnel (443) protocol http://www.ISAserver.org bump Jonathon J. Howey KPSA Compliance Management Inc. P 780.409.5620 F 780.409.5621 D 780.409.5628 C 780.965.8363 Jonathon@xxxxxxx Guiding the Future of Transportation www.KPSA.ca <http://www.kpsa.ca/> ________________________________ From: Jonathon J. Howey [mailto:Jonathon@xxxxxxx] Sent: January 11, 2006 11:41 AM To: [ISAserver.org Discussion List] Subject: [isalist] "Failed Connection Attempt" for SSL-tunnel (443) protocol http://www.ISAserver.org Hi, I've created a computer object with the destination IP I'm trying to reach, it's an authentication server for one of our apps, that communicates over port 80 and 443. I've since created a policy that allows from my internal network to the destination computer, over HTTP, HTTPS, and HTTPS Server. I'm getting the error in the subject when I check the logging, "Failed connection attempt". It is using my rule. I've also trying creating a network of just that one IP, did a secure server publishing rule, for my internal server to that network. I've tried with SSL Tunneling mode for a Perimeter Network and an External network, but to no avail. Same error as before. Thanks. Jonathon J. Howey KPSA Compliance Management Inc. P 780.409.5620 F 780.409.5621 D 780.409.5628 C 780.965.8363 Jonathon@xxxxxxx Guiding the Future of Transportation www.KPSA.ca <http://www.kpsa.ca/> ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: Jonathon@xxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: Jonathon@xxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: Jonathon@xxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: Jonathon@xxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx