RE: HTTPS, Published Web Site, Firewall / Proxy Client

• From: "Paul Crisp" <pcrisp@xxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 2 Nov 2005 19:46:25 -0000

HTTPS, Published Web Site, Firewall / Proxy ClientHey Tom,

Red alert over and all sorted thank you Mr Rule Maker :) Perhaps the 10 
commandments of ISA should be put on the website for ease of use, if it hasn't 
been put on there already.
Internal access to SSL pages all sorted as well, decided to make some changes 
to the internal DNS server once and for all

Thanks again for the quick response

Paul
  ----- Original Message ----- 
  From: Thomas W Shinder 
  To: [ISAserver.org Discussion List] 
  Sent: Wednesday, November 02, 2005 3:54 PM
  Subject: [isalist] RE: HTTPS, Published Web Site, Firewall / Proxy Client


  http://www.ISAserver.org

  Hi Paul,

  Very good! Let us know if you have any problems with the certificate issues.

  Tom

  Thomas W Shinder, M.D.
  Site: www.isaserver.org
  Blog: http://spaces.msn.com/members/drisa/
  Book: http://tinyurl.com/3xqb7
  MVP -- ISA Firewalls
  **Who is John Galt?**





----------------------------------------------------------------------------
    From: Paul Crisp [mailto:PCrisp@xxxxxxxxxxxxxxxxx] 
    Sent: Wednesday, November 02, 2005 9:51 AM
    To: [ISAserver.org Discussion List]
    Subject: [isalist] RE: HTTPS, Published Web Site, Firewall / Proxy Client


    http://www.ISAserver.org

    Hi Tom,

     

    Oooops *RED ALERT* *RED ALERT* VIOLATION HAS OCCURRED !!!

     

    To be honest I think it was being done because we had problems with the 
secure certificate when accessing internally, but I'll fix the firewall first 
and then work out the problem with the cert

     

    Cheers Tom 

     

    Paul Crisp 
    Snr Network Support Analyst 


----------------------------------------------------------------------------

    From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
    Sent: 02 November 2005 15:42
    To: [ISAserver.org Discussion List]
    Subject: [isalist] RE: HTTPS, Published Web Site, Firewall / Proxy Client

     

    http://www.ISAserver.org

    Hi Paul,

     

    VIOLATION of ISA FIREWALL LAW #1:

     

    Do NOT loop back through the ISA firewall to access local resources.

     

    ANS:

    Direct Access

     

    HTH,

    Tom

     

    Thomas W Shinder, M.D.
    Site: www.isaserver.org
    Blog: http://spaces.msn.com/members/drisa/
    Book: http://tinyurl.com/3xqb7
    MVP -- ISA Firewalls
    **Who is John Galt?**

     

       


--------------------------------------------------------------------------

      From: Paul Crisp [mailto:PCrisp@xxxxxxxxxxxxxxxxx] 
      Sent: Wednesday, November 02, 2005 9:43 AM
      To: [ISAserver.org Discussion List]
      Subject: [isalist] HTTPS, Published Web Site, Firewall / Proxy Client

      http://www.ISAserver.org



      Hi all,

      OK got a slight situation here. Running ISA 2004 and have got web sites 
published using port 80 and port 443 and from the outside world all is 
accessible and working fine. A secure certificate is placed on the ISA box on 
the listener and on the Web Server box and as I say all is working fine from 
the outside world.

      Today an internal person tried to access the published secure website and 
the error 502 Proxy Error: 12202 error appears.

      The internal persons machine is configured as a Firewall and Proxy client 
and when we switch these settings to point to another ISA box in another 
location, they can access the site without a problem. It appears that if a 
client is sitting behind the original ISA box, then it doesn't work and the 
error is produced.

      If I trace the web server I am correctly issued the external IP address 
of the ISA box, so traffic is effectively going out of the ISA box and then 
coming back in to the same box.

      Any clues where to look?

      Regards

       

      Paul Crisp

      Snr Network Support Analyst

      ------------------------------------------------------
      List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
      ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
      ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
      ------------------------------------------------------
      Visit TechGenix.com for more information about our other sites:
      http://www.techgenix.com
      ------------------------------------------------------
      You are currently subscribed to this ISAserver.org Discussion List as: 
tshinder@xxxxxxxxxxxxxxxxxx
      To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
      Report abuse to listadmin@xxxxxxxxxxxxx 

    ------------------------------------------------------
    List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
    ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
    ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
    ------------------------------------------------------
    Visit TechGenix.com for more information about our other sites:
    http://www.techgenix.com
    ------------------------------------------------------
    You are currently subscribed to this ISAserver.org Discussion List as: 
pcrisp@xxxxxxxxxxxxxxxxx
    To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
    Report abuse to listadmin@xxxxxxxxxxxxx 

    ------------------------------------------------------
    List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
    ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
    ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
    ------------------------------------------------------
    Visit TechGenix.com for more information about our other sites:
    http://www.techgenix.com
    ------------------------------------------------------
    You are currently subscribed to this ISAserver.org Discussion List as: 
tshinder@xxxxxxxxxxxxxxxxxx
    To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
    Report abuse to listadmin@xxxxxxxxxxxxx 
  ------------------------------------------------------
  List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
  ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
  ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
  ------------------------------------------------------
  Visit TechGenix.com for more information about our other sites:
  http://www.techgenix.com
  ------------------------------------------------------
  You are currently subscribed to this ISAserver.org Discussion List as: 
pcrisp@xxxxxxxxxxxxxxxxx
  To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
  Report abuse to listadmin@xxxxxxxxxxxxx 

Other related posts:

• » HTTPS, Published Web Site, Firewall / Proxy Client
• » RE: HTTPS, Published Web Site, Firewall / Proxy Client
• » RE: HTTPS, Published Web Site, Firewall / Proxy Client
• » RE: HTTPS, Published Web Site, Firewall / Proxy Client
• » RE: HTTPS, Published Web Site, Firewall / Proxy Client

1. Home
2. isalist
3. Archive
4. 11-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---