Hi Paul, VIOLATION of ISA FIREWALL LAW #1: Do NOT loop back through the ISA firewall to access local resources. ANS: Direct Access HTH, Tom Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls **Who is John Galt?** ________________________________ From: Paul Crisp [mailto:PCrisp@xxxxxxxxxxxxxxxxx] Sent: Wednesday, November 02, 2005 9:43 AM To: [ISAserver.org Discussion List] Subject: [isalist] HTTPS, Published Web Site, Firewall / Proxy Client http://www.ISAserver.org Hi all, OK got a slight situation here. Running ISA 2004 and have got web sites published using port 80 and port 443 and from the outside world all is accessible and working fine. A secure certificate is placed on the ISA box on the listener and on the Web Server box and as I say all is working fine from the outside world. Today an internal person tried to access the published secure website and the error 502 Proxy Error: 12202 error appears. The internal persons machine is configured as a Firewall and Proxy client and when we switch these settings to point to another ISA box in another location, they can access the site without a problem. It appears that if a client is sitting behind the original ISA box, then it doesn't work and the error is produced. If I trace the web server I am correctly issued the external IP address of the ISA box, so traffic is effectively going out of the ISA box and then coming back in to the same box. Any clues where to look? Regards Paul Crisp Snr Network Support Analyst ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx