RE: SSL Problems with ISA 2004
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 21 Jan 2005 06:03:45 -0800
There must be something missing here:
- you complained about ISA behavior with SSL sites, but your example
link is http://www.wellsfargo.com/com/ceo/ceoservices.jhtml
- you state that adding you Internet-facing NIC to the External network
was required. If this is the case, then your routing table is hosed;
that NIC shuld have been there to begin with.
-----Original Message-----
From: Ball, Dan [mailto:DBall@xxxxxxxxxxx]
Sent: Friday, January 21, 2005 5:07 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SSL Problems with ISA 2004
http://www.ISAserver.org
I finally figured out the problem, had to add the "External" network to
the network set I was using for Internet access.
Even though the IP falls into the ranges routed to the proper "Network",
it seems that I have several calls a day that get routed to the External
network even there are no IP addresses associated with it.
I'd probably classify that as a software bug, in that we can have
thousands of web requests made to places like Google routed properly,
but a few manage to skip past the routing and hit the default "External"
network anyway.
-----Original Message-----
From: Steve Moffat [mailto:steve@xxxxxxxxxx]
Sent: Thursday, January 20, 2005 14:56
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SSL Problems with ISA 2004
http://www.ISAserver.org
I can get to the log on page no problem.
Steve
-----Original Message-----
From: Dan Ball [mailto:dball@xxxxxxxxxxx]
Sent: Thursday, January 20, 2005 2:39 PM
To: ISA Mailing List
Subject: [isalist] SSL Problems with ISA 2004
http://www.ISAserver.org
I'm having major difficulties with getting some SSL sites to work
through ISA 2004. For example, if I attempt to log on using the CEO
portal at Wells Fargo
(http://www.wellsfargo.com/com/ceo/ceoservices.jhtml), I get a
502 error. The firewall logs just show an SSL-Tunnel protocol attempt
being rejected by the Default Policy.
Other SSL sites work fine, so I'm theorizing that they are attempting to
use an alternate port for SSL. Anyone else having troubles like this?
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
This E-Mail is confidential. It is not intended to be read, copied,
disclosed or used by any person other than the recipient named above.
Unauthorised use, disclosure, or copying is strictly prohibited and may
be unlawful. Optimum IT Solutions Ltd disclaims any liability for any
action taken in connection of this E-Mail. The comments or statements
expressed in this E-Mail are not necessarily those of Optimum IT
Solutions Ltd or its subsidiaries or affiliates.
administrator@xxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
dball@xxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
Other related posts:
