RE: SSL Publishing Problems
- From: "William Holmes" <wtholmes@xxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 20 Dec 2004 12:29:21 -0500
Hello,
The fist point I can think of is consistency. I publish multiple back-end web
servers and use ISA to create a consolidated Website. http://mysite/hr
publishes the hr web server. http://mysite/research publishes the research
web server ... Try telling end users that hey when your outside use this URL
and when your inside use that URL.
This is one of the most powerful features of web publishing.
Bill
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Saturday, December 18, 2004 12:13 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SSL Publishing Problems
http://www.ISAserver.org
If you want ISA to handle internal-to-internal web publishing (horribly
inefficient, IMHO), then you need to:
1 - Create an ISA listener on the internal IP; much like you would for an
external listener
2 - Change your internal DNS to resolve those web sites to the ISA internal
IP you defined
3 - create web publishing rules according to those settings.
What's the point of forcing all internal traffic through the ISA?
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-----Original Message-----
From: Marc A. Mapplebeck, MCP/MCDST/N+/A+/CNA [mailto:mmapplebeck@xxxxxxxxxx]
Sent: Saturday, December 18, 2004 8:33 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] SSL Publishing Problems
http://www.ISAserver.org
Hi there, I am having somewhat of a problem publishing some SSL resources. I
have our system setup so that all IIS instances are on a single machine, not
having any problems with HTTP along with host headers. However with SSL, I am
publishing on alternate ports. Not having any problems with bridging
connections from the extranet. Intranet is having the problems. When I type
the URL of an internal SSL site, it keeps bouncing me to OWAFBA site(OWA is
running on 443 as it really hates running on any other port esp when using
FBA.) This, I do understand as it is reading the CNAME which point back to
the same IP which opens OWA on 443. What I want to do is force all internal
clients to browse through the ISA server whether it is an internal addy or
not. The odd thing with this is, when I type the URL and direct HTTPS to the
proper port, I get my 12204 Error from ISA stating it is not a valid IP. I
have an internal SSL listener. What I want to know, is that why when I use
straight https://insidesite.cah-nb.ca it redirects me to webmail, but when I
use https://insidesite.cah-nb.ca:x443, it gives me an error from the proxy
service. Why does it use web proxy for one and not the other, and how can I
force it to browse through the proxy for everything?
P.S. Please forgive my stupidity and running the questions in circles, it is
probably sitting right in front of my face and I am just too close to the
problem to see the solution, plus the severe lack of sleep I am suffering
from with the cristmas rush. Thanks - Marc
_-_-_-_-_-_-_-_-_-
-"During times of universal deceit, telling the truth becomes a revolutionary
act." - George Orwell, 1984
_-_-_-_-_-_-_-_-_-
Marc A. Mapplebeck, MCP/MCDST/N+/A+/CNA IT Manager, City Animal Hospital Ltd.
Owner, Shutterbug Productions & Consulting
MCP#: 3146827
CompTIA#: COMP001002835054
mmapplebeck@xxxxxxxxxx
mmapplebeck@xxxxxxxxx
_-_-_-_-_-_-_-_-_-
P: 506-471-7044
ICQ: 26743793
Yahoo!: mmapplebeck
MSN: mmapplebeck@xxxxxxxxxx
_-_-_-_-_-_-_-_-_-
This e-mail communication (including any or all attachments) is intended only
for the use of the person or entity to which it is addressed and may contain
confidential and/or privileged material. If you are not the intended
recipient of this e-mail, any use, review, retransmission, distribution,
dissemination, copying, printing, or other use of, or taking of any action in
reliance upon this e-mail, is strictly prohibited. If you have received this
e-mail in error, please contact the sender and delete the original and any
copy of this e-mail and any printout thereof, immediately. Your co-operation
is appreciated.
Le présent courriel (y compris toute pièce jointe) s'adresse uniquement à son
destinataire, qu'il soit une personne ou un organisme, et pourrait comporter
des renseignements privilégiés ou confidentiels. Si vous n'êtes pas le
destinataire du courriel, il est interdit d'utiliser, de revoir, de
retransmettre, de distribuer, de disséminer, de copier ou d'imprimer ce
courriel, d'agir en vous y fiant ou de vous en servir de toute autre façon.
Si vous avez reçu le présent courriel par erreur, prière de communiquer avec
l'expéditeur et d'éliminer l'original du courriel, ainsi que toute copie
électronique ou imprimée de celui-ci, immédiatement. Nous sommes
reconnaissants de votre collaboration.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading Network
Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading Network
Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
wtholmes@xxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
