[isalist] Re: ISA 2006 - Require 128-bit encryption for HTTPS traffic
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Sat, 2 Dec 2006 06:57:42 -0800
http://www.ISAserver.org
-------------------------------------------------------
Have you verified whether or not 128-bit encryption is actually being
enforced?
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Stefaan Pouseele
Sent: Saturday, December 02, 2006 6:46 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: ISA 2006 - Require 128-bit encryption for HTTPS
traffic
http://www.ISAserver.org
-------------------------------------------------------
Hi all,
after some further investigation I found some other strange
dependencies.
If you enable HTTP and HTTPS first and than tick the box 'Do not
redirect traffic from HTTP to HTTPS' in the web listener, than the box
'Notify HTTP users to use HTTPS instead' becomes enabled in the Traffic
tab of the web publishing rule. If you tick that one than the box
'Require 128-bit encryption for HTTPS traffic' becomes enabled too.
Moreover, if you now tick first the box 'Notify HTTP users to use HTTPS
instead' in the Traffic tab of the web publishing rule and than select
'Redirect all traffic from HTTP to HTTPS' in the web listener, than the
box 'Notify HTTP users to use HTTPS instead' becomes greyed out but the
box 'Require 128-bit encryption for HTTPS traffic' stays enabled.
So, we can get it to work as per our requirements but why this strange
dependencies in the GUI? I can't figure out the logic behind this! :-(
Thanks,
Stefaan
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Stefaan Pouseele
Sent: zaterdag 2 december 2006 14:47
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] ISA 2006 - Require 128-bit encryption for HTTPS
traffic
http://www.ISAserver.org
-------------------------------------------------------
Hi,
I'm trying to implement the following requirements in a simple web
publishing rule on ISA 2006:
1. Accept HTTP and HTTPS.
2. Redirect all traffic from HTTP to HTTPS.
3. Require 128-bit encryption for HTTPS traffic.
In the web listener I enabled HTTP and HTTPS and ticket the box
'Redirect all traffic from HTTP to HTTPS'. This ensures that all
traffic, including any authentication traffic is done over HTTPS.
However, in the web publishing rule I can't enable the box 'Require
128-bit encryption for HTTPS traffic' in the Traffic tab. That box is
greyed out!
Only when I disable HTTP on the web listener I can enable the box
'Require 128-bit encryption for HTTPS traffic' in the Traffic tab.
Can't we redirect HTTP to HTTPS *and* require 128-bit encryption in one
step? What I'm missing?
Thanks,
Stefaan
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
