[isalist] Re: HTTPS Connectivity Issue

  • From: Jim Harrison <Jim@xxxxxxxxxxxx>
  • To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 10 Sep 2008 10:12:51 -0700

The logs don't say that the server aborted the connection; they say "someone" 
did.
Only a network capture will help you determine which of the three entities 
aborted the connection.

Jim

From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Jerry Young
Sent: Wednesday, September 10, 2008 8:25 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] HTTPS Connectivity Issue

I created a simple server publishing rule in ISA Server 2006 that is configured 
to allow HTTPS traffic that hits the ISA Server's external IP address to access 
a server providing Secure FTP services (configured to use port 443, at any rate 
- and yes I know about 990 and 22).  However, when I attempt to connect, I get 
the following results.

Field                 Record 1                     Record 2
Original Client IP    172.16.9.69                  172.16.9.69
Transport             TCP                          TCP
GMT Log Time          9/10/2008 3:16:11 PM         9/10/2008 3:16:11 PM
Source Port           33867                        33867
Processing Time       0                            31
Bytes Sent            0                            206
Bytes Received        0                            88
Cache Information     0x0                          0x0
Error Information     0x0                          0x0
Log Time              9/10/2008 11:16:11 AM        9/10/2008 11:16:11 AM
Client IP             172.16.9.69                  172.16.9.69
Destination IP        10.3.0.40                    10.3.0.40
Destination Port      443                          443
Protocol              HTTPS Server                 HTTPS Server
Action                Initiated Connection         Closed Connection
Rule                  Corporate Secure FTP Access  Corporate Secure FTP Access
Result Code           0x0 ERROR_SUCCESS            0x80074e21 FWX_E_ABORTIVE_SHUTDOWN
Source Network        External                     External
Destination Network   Perimeter                    Perimeter
Server Name           HVW2K3ISA01                  HVW2K3ISA01
Log Record Type       Firewall                     Firewall

Might anyone know why the firewall is aborting the connection?

I have a similar server publishing rule (uses FTP instead of HTTPS) that works. 
The only difference between the two is the protocol that's allowed.

Also, the ERROR_SUCCESS issue perplexes me because of the paradox those two 
words together present. :)
--
Cordially yours,
Jerry G. Young II
Microsoft Certified Systems Engineer
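
An added example, not part of the original thread: one way to do what the reply suggests, attributing the abort to the client, the firewall or the published server by finding the earliest RST across captures taken on both sides of the firewall. It assumes both captures share a clock and are rendered as `tcpdump -nn -tt` text, and that the published server sees the original client address; the sample packets and the 192.0.2.1 external address are constructed, and `parse` and `who_aborted` are hypothetical names.

```python
import re

# One TCP line of `tcpdump -nn -tt` output:
#   <epoch> IP <src>.<sport> > <dst>.<dport>: Flags [<flags>], ...
LINE = re.compile(r"^(\d+\.\d+) IP (\S+)\.(\d+) > (\S+)\.(\d+): Flags \[([^\]]+)\]")

def parse(text, segment):
    """Return (time, segment, src_ip, flags) for every TCP line in text."""
    rows = []
    for line in text.strip().splitlines():
        m = LINE.match(line.strip())
        if m:
            rows.append((float(m[1]), segment, m[2], m[6]))
    return rows

def who_aborted(external, perimeter, client, server):
    """Attribute the earliest RST to 'client', 'server' or 'firewall'.

    A first RST from the client on the external side, or from the server on
    the perimeter side, came from that host. Any other first RST (whatever
    source address it carries) was generated by the firewall in between.
    Returns None when neither capture contains a RST.
    """
    for _, seg, src, flags in sorted(parse(external, "ext") + parse(perimeter, "per")):
        if "R" not in flags:
            continue
        if seg == "ext" and src == client:
            return "client"
        if seg == "per" and src == server:
            return "server"
        return "firewall"
    return None

# Constructed sample captures. 192.0.2.1 stands in for the ISA external address.
EXTERNAL = """
1221059771.000100 IP 172.16.9.69.33867 > 192.0.2.1.443: Flags [S], seq 100, length 0
1221059771.000900 IP 192.0.2.1.443 > 172.16.9.69.33867: Flags [S.], seq 500, ack 101, length 0
1221059771.031500 IP 192.0.2.1.443 > 172.16.9.69.33867: Flags [R.], seq 501, ack 189, length 0
"""
PERIMETER = """
1221059771.000400 IP 172.16.9.69.33867 > 10.3.0.40.443: Flags [S], seq 100, length 0
1221059771.000700 IP 10.3.0.40.443 > 172.16.9.69.33867: Flags [S.], seq 500, ack 101, length 0
1221059771.031000 IP 10.3.0.40.443 > 172.16.9.69.33867: Flags [R.], seq 501, ack 189, length 0
"""

if __name__ == "__main__":
    print(who_aborted(EXTERNAL, PERIMETER, "172.16.9.69", "10.3.0.40"))
```

In the constructed sample the server's RST appears on the perimeter side 0.5 ms before the firewall resets the client, so the server is reported as the side that aborted.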
