http://www.ISAserver.org ------------------------------------------------------- Have you verified whether or not 128-bit encryption is actually being enforced? -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Stefaan Pouseele Sent: Saturday, December 02, 2006 6:46 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: ISA 2006 - Require 128-bit encryption for HTTPS traffic http://www.ISAserver.org ------------------------------------------------------- Hi all, after some further investigation I found some other strange dependencies. If you enable HTTP and HTTPS first and than tick the box 'Do not redirect traffic from HTTP to HTTPS' in the web listener, than the box 'Notify HTTP users to use HTTPS instead' becomes enabled in the Traffic tab of the web publishing rule. If you tick that one than the box 'Require 128-bit encryption for HTTPS traffic' becomes enabled too. Moreover, if you now tick first the box 'Notify HTTP users to use HTTPS instead' in the Traffic tab of the web publishing rule and than select 'Redirect all traffic from HTTP to HTTPS' in the web listener, than the box 'Notify HTTP users to use HTTPS instead' becomes greyed out but the box 'Require 128-bit encryption for HTTPS traffic' stays enabled. So, we can get it to work as per our requirements but why this strange dependencies in the GUI? I can't figure out the logic behind this! :-( Thanks, Stefaan -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Stefaan Pouseele Sent: zaterdag 2 december 2006 14:47 To: isalist@xxxxxxxxxxxxx Subject: [isalist] ISA 2006 - Require 128-bit encryption for HTTPS traffic http://www.ISAserver.org ------------------------------------------------------- Hi, I'm trying to implement the following requirements in a simple web publishing rule on ISA 2006: 1. Accept HTTP and HTTPS. 2. Redirect all traffic from HTTP to HTTPS. 3. Require 128-bit encryption for HTTPS traffic. In the web listener I enabled HTTP and HTTPS and ticket the box 'Redirect all traffic from HTTP to HTTPS'. This ensures that all traffic, including any authentication traffic is done over HTTPS. However, in the web publishing rule I can't enable the box 'Require 128-bit encryption for HTTPS traffic' in the Traffic tab. That box is greyed out! Only when I disable HTTP on the web listener I can enable the box 'Require 128-bit encryption for HTTPS traffic' in the Traffic tab. Can't we redirect HTTP to HTTPS *and* require 128-bit encryption in one step? What I'm missing? Thanks, Stefaan ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx