Re: Problem Connecting to https web site

  • From: "Jim Harrison" <jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Mon, 1 Jul 2002 07:11:14 -0700

Actually, "FIN ACK" is the end of a conversation.
If you see "SYN" or "SYN ACK" being blocked, that's the start.

Try disabling "Enable filtering of IP fragments" in IP Packet Filtering
properties.

Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/authors/harrison/
Read the books!
----- Original Message -----
From: Stefano Peduzzi
To: [ISAserver.org Discussion List]
Sent: Monday, July 01, 2002 6:46 AM
Subject: [isalist] Problem Connecting to https web site




Hi,
When I try to connect to www.sella.it (an https web site) I can't: the web
browser doesn't show anything until I get a 10060 message from ISA.
I checked the log and I found these lines:

2002-06-25 14:19:48 192.168.1.2 212.210.166.90 Tcp 24476 443 FIN ACK BLOCKED 192.168.1.2
2002-06-25 14:51:38 192.168.1.2 212.210.166.90 Tcp 24649 443 FIN ACK BLOCKED 192.168.1.2
2002-06-25 14:53:06 192.168.1.2 212.210.166.90 Tcp 24649 443 FIN ACK BLOCKED 192.168.1.2


192.168.1.2 is the external interface of ISA Server.
Note that I don't have any problem with other https web sites.
Also, lines like these sometimes generate an ISA SCAN ATTACK event... in
fact now I ignore this type of event (usually coming from a pop3 server).
Any idea on the problem?? Why are these packages blocked (high ports
shouldn't be blocked!)? FIN ACK is the package sent to establish the
connection, ain't it?

Stefano Peduzzi
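
Added example (not part of the original thread): a small Python parser that applies the rule from the reply above to the posted log lines, labelling each blocked packet by connection phase and counting repeats per flow. The field order is assumed from the three posted lines, and the SYN line is constructed for contrast.

```python
from collections import defaultdict

# First three lines are the log entries from the post (wrapped lines rejoined).
# The last line is constructed for contrast and is not from the original log.
SAMPLE_LOG = """\
2002-06-25 14:19:48 192.168.1.2 212.210.166.90 Tcp 24476 443 FIN ACK BLOCKED 192.168.1.2
2002-06-25 14:51:38 192.168.1.2 212.210.166.90 Tcp 24649 443 FIN ACK BLOCKED 192.168.1.2
2002-06-25 14:53:06 192.168.1.2 212.210.166.90 Tcp 24649 443 FIN ACK BLOCKED 192.168.1.2
2002-06-25 15:00:00 192.168.1.2 192.0.2.10 Tcp 25000 443 SYN BLOCKED 192.168.1.2
"""

def parse_line(line):
    """Assumed field order: date time src dst proto sport dport flags... action iface."""
    parts = line.split()
    if len(parts) < 10 or parts[4].lower() != "tcp":
        return None  # not a TCP entry with at least one flag
    return {
        "when": f"{parts[0]} {parts[1]}",
        "src": parts[2], "dst": parts[3],
        "sport": int(parts[5]), "dport": int(parts[6]),
        "flags": frozenset(parts[7:-2]),  # everything between dport and action
        "action": parts[-2], "iface": parts[-1],
    }

def phase(flags):
    """Map TCP flags to a connection phase: SYN opens, FIN closes."""
    if "RST" in flags:
        return "reset"
    if "FIN" in flags:
        return "teardown"
    if "SYN" in flags:
        return "setup"
    return "established"

def summarize_blocked(log_text):
    """Count blocked packets per (flow, phase); repeats suggest retransmission."""
    counts = defaultdict(int)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["action"] == "BLOCKED":
            flow = (rec["src"], rec["sport"], rec["dst"], rec["dport"])
            counts[(flow, phase(rec["flags"]))] += 1
    return dict(counts)

if __name__ == "__main__":
    for (flow, ph), n in summarize_blocked(SAMPLE_LOG).items():
        print(f"{flow[0]}:{flow[1]} -> {flow[2]}:{flow[3]}  {ph:<9} blocked x{n}")
```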
