Re: Problem connecting to SSL through non- standard ports

  • From: Jim Harrison <jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 17 Aug 2004 18:59:04 -0700

Just change 
  set tmp=tprange.AddRange("SSL 444", 444, 444)
to
  tprange.Remove("SSL 444")

  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!


On Tue, 17 Aug 2004 20:00:30 -0600
 "Brian Miyata" <bmiyata@xxxxxxxxxxxxxxxxx> wrote:
http://www.ISAserver.org

That worked...Thanks.  I noticed some ports that I want to remove...Do you
have sample code for that?  Thanks

> Use ISAInfo.
> The latest version lists them in the Outgoing Web listeners section.
> 
>   Jim Harrison
>   MCP(NT4, W2K), A+, Network+, PCG
>   http://isaserver.org/Jim_Harrison/
>   http://isatools.org
>   Read the help / books / articles!
> 
> 
> On Tue, 17 Aug 2004 11:34:34 -0600
>  "Brian Miyata" <bmiyata@xxxxxxxxxxxxxxxxx> wrote:
> http://www.ISAserver.org
> 
> How do you know what ports have already been added?  The ms write-up says
> to look in HKLM\SOFTWARE\Microsoft\Fpc\Arrays\{GUID}\Array
> Policy\WebProxy\Proxy-TunnelPortRanges but I don't see "arrays" under
> fpc...Where else can it be?  What can I search on?  Thanks
> 
> 
> > Glad to hear it's working!
> > I've had some complaints about the "skeletal" nature of that script and 
> > I'll be making it a bit
> > "smarter" soon.
> > the new ISAInfo tool has priority, though (after my paying job, of course).
> > 
> > Jim Harrison
> > MCP(NT4, W2K), A+, Network+, PCG
> > http://isaserver.org/pages/author_index.asp?aut=3
> > http://jalojash.org/isatools
> > Read the books!
> > 
> > ----- Original Message -----
> > From: "Kincer, Rick" <Rick_Kincer@xxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Thursday, August 29, 2002 7:46 AM
> > Subject: [isalist] Re: Problem connecting to SSL through non standard ports
> > 
> > 
> > http://www.ISAserver.org
> > 
> > 
> > Jim,
> > 
> > I tried this on a different set of ISA severs and now have it working in the
> > pre-production boxes, I'll go kick the test-bed box and get it working.
> > 
> > Thank you,
> > 
> > Rick
> > 
> >  -----Original Message-----
> > From: Kincer, Rick [mailto:Rick_Kincer@xxxxxxxxxx]
> > Sent: Thursday, August 29, 2002 9:44 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] Re: Problem connecting to SSL through non standard
> > ports
> > 
> > http://www.ISAserver.org
> > 
> > 
> > Jim,
> > 
> > I used this process but was not able to use port 444, I changed the line in
> > the script to read:
> > 
> > set tmp=tprange.AddRange("SSL 444", 444, 444)
> > 
> > What is the best way to specify this now that it has been created.
> > 
> > I tried creating a new protocol and specifying it in the Protocol Rules but
> > I still get no connection. I was able to make the registry change in the
> > proxy 2.0 server in production and it worked so I know it is not the site
> > where I am going, but no luck with ISA. Any suggestions?
> > 
> > Thank you,
> > 
> > Rick
> > 
> > 
> >  -----Original Message-----
> > From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> > Sent: Tuesday, August 20, 2002 10:32 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] Re: Problem connecting to SSL through non standard
> > ports
> > 
> > http://www.ISAserver.org
> > 
> > 
> > Grab ssl_tpr_add.vbs from http://jalojash.org/isatools, change the port in
> > the script and run it on
> > the ISA.
> > It'll add the port you specify to the tunnel port ranges.
> > 
> > Jim Harrison
> > MCP(NT4, W2K), A+, Network+, PCG
> > http://isaserver.org/harrison
> > http://jalojash.org/isatools
> > Read the books!
> > 
> > ----- Original Message -----
> > From: <bkitchen@xxxxxxxxxxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Tuesday, August 20, 2002 4:39 PM
> > Subject: [isalist] Problem connecting to SSL through non standard ports
> > 
> > 
> > http://www.ISAserver.org
> > 
> > 
> > In your FAQs quote"
> > Question 278 -    Apr 05, 2001  :  I'm trying to reach a site with SSL on
> > port 3000 (https://www...:3000). When packet filtering is enabled, I
> > cannot aces the site. When I disable it, I can access the site. How can I
> > make this work with packet filtering?
> > ISA Server allows only tunnel connections to port 443 and 563
> > (Secure-news). If a client attempts to connect to a secure site that is
> > running on a port other than 443 or 563, the connection fails".
> > 
> > Is this constraint still the case and is there any way round it?
> > 
> > I'm running ISA as part of SBS2K and am also a novice so please keep any
> > comments anyone can offer simple.
> > 
> > Thanks in advance
> > Bill
> > 
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> > jim@xxxxxxxxxxxx
> > To unsubscribe send a blank email to $subst('Email.Unsub')
> > 
> > 
> > 
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> > rick_kincer@xxxxxxxxxx
> > To unsubscribe send a blank email to $subst('Email.Unsub')
> > 
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> > rick_kincer@xxxxxxxxxx
> > To unsubscribe send a blank email to $subst('Email.Unsub')
> > 
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as: 
> > jim@xxxxxxxxxxxx
> > To unsubscribe send a blank email to $subst('Email.Unsub')
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as: 
> jim@xxxxxxxxxxxx
> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 08-2004