Hello, The fist point I can think of is consistency. I publish multiple back-end web servers and use ISA to create a consolidated Website. http://mysite/hr publishes the hr web server. http://mysite/research publishes the research web server ... Try telling end users that hey when your outside use this URL and when your inside use that URL. This is one of the most powerful features of web publishing. Bill -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Saturday, December 18, 2004 12:13 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: SSL Publishing Problems http://www.ISAserver.org If you want ISA to handle internal-to-internal web publishing (horribly inefficient, IMHO), then you need to: 1 - Create an ISA listener on the internal IP; much like you would for an external listener 2 - Change your internal DNS to resolve those web sites to the ISA internal IP you defined 3 - create web publishing rules according to those settings. What's the point of forcing all internal traffic through the ISA? Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! -----Original Message----- From: Marc A. Mapplebeck, MCP/MCDST/N+/A+/CNA [mailto:mmapplebeck@xxxxxxxxxx] Sent: Saturday, December 18, 2004 8:33 AM To: [ISAserver.org Discussion List] Subject: [isalist] SSL Publishing Problems http://www.ISAserver.org Hi there, I am having somewhat of a problem publishing some SSL resources. I have our system setup so that all IIS instances are on a single machine, not having any problems with HTTP along with host headers. However with SSL, I am publishing on alternate ports. Not having any problems with bridging connections from the extranet. Intranet is having the problems. When I type the URL of an internal SSL site, it keeps bouncing me to OWAFBA site(OWA is running on 443 as it really hates running on any other port esp when using FBA.) This, I do understand as it is reading the CNAME which point back to the same IP which opens OWA on 443. What I want to do is force all internal clients to browse through the ISA server whether it is an internal addy or not. The odd thing with this is, when I type the URL and direct HTTPS to the proper port, I get my 12204 Error from ISA stating it is not a valid IP. I have an internal SSL listener. What I want to know, is that why when I use straight https://insidesite.cah-nb.ca it redirects me to webmail, but when I use https://insidesite.cah-nb.ca:x443, it gives me an error from the proxy service. Why does it use web proxy for one and not the other, and how can I force it to browse through the proxy for everything? P.S. Please forgive my stupidity and running the questions in circles, it is probably sitting right in front of my face and I am just too close to the problem to see the solution, plus the severe lack of sleep I am suffering from with the cristmas rush. Thanks - Marc _-_-_-_-_-_-_-_-_- -"During times of universal deceit, telling the truth becomes a revolutionary act." - George Orwell, 1984 _-_-_-_-_-_-_-_-_- Marc A. Mapplebeck, MCP/MCDST/N+/A+/CNA IT Manager, City Animal Hospital Ltd. Owner, Shutterbug Productions & Consulting MCP#: 3146827 CompTIA#: COMP001002835054 mmapplebeck@xxxxxxxxxx mmapplebeck@xxxxxxxxx _-_-_-_-_-_-_-_-_- P: 506-471-7044 ICQ: 26743793 Yahoo!: mmapplebeck MSN: mmapplebeck@xxxxxxxxxx _-_-_-_-_-_-_-_-_- This e-mail communication (including any or all attachments) is intended only for the use of the person or entity to which it is addressed and may contain confidential and/or privileged material. If you are not the intended recipient of this e-mail, any use, review, retransmission, distribution, dissemination, copying, printing, or other use of, or taking of any action in reliance upon this e-mail, is strictly prohibited. If you have received this e-mail in error, please contact the sender and delete the original and any copy of this e-mail and any printout thereof, immediately. Your co-operation is appreciated. Le présent courriel (y compris toute pièce jointe) s'adresse uniquement à son destinataire, qu'il soit une personne ou un organisme, et pourrait comporter des renseignements privilégiés ou confidentiels. Si vous n'êtes pas le destinataire du courriel, il est interdit d'utiliser, de revoir, de retransmettre, de distribuer, de disséminer, de copier ou d'imprimer ce courriel, d'agir en vous y fiant ou de vous en servir de toute autre façon. Si vous avez reçu le présent courriel par erreur, prière de communiquer avec l'expéditeur et d'éliminer l'original du courriel, ainsi que toute copie électronique ou imprimée de celui-ci, immédiatement. Nous sommes reconnaissants de votre collaboration. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: wtholmes@xxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx