RE: SSL over custom Port / Not Standard

• From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Sun, 21 Nov 2004 09:40:51 -0800

No; the script uses the ISA COM to add that data to ISA configuration.
Try adding those values to an array server and you get nada.

Again, don't go mucking about in the ISA registry unless instructed to
do so.


  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!
 
 

-----Original Message-----
From: Nick Holmes [mailto:nick_holmes@xxxxxxxxxxxxxxxx] 
Sent: Sunday, November 21, 2004 3:37 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SSL over custom Port / Not Standard

http://www.ISAserver.org


Hi Jim,

The script just adds the registry keys right?  Or is there something
else that it adds etc?  What is the difference if I make them manually
please?  To be honest I prefer doing things on my own than with the help
of scripts etc (where possible) since I can understand more what is
happening etc :)

Regards,

Nick Holmes.

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: Friday, November 19, 2004 5:47 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SSL over custom Port / Not Standard

http://www.ISAserver.org <http://www.isaserver.org/> 

Correct, but you shouldn't do it by "hand".

There are some tools at http://isatools.org <http://isatools.org/>  that
are specifically written to do this properly.

-------------------------------------------------------

Jim Harrison

MCP(NT4, W2K), A+, Network+, PCG

http://isaserver.org/Jim_Harrison/ <http://isaserver.org/Jim_Harrison/> 

http://isatools.org <http://isatools.org/> 

Read the help / books / articles!

-------------------------------------------------------

-----Original Message-----

From: Nick Holmes [mailto:nick_holmes@xxxxxxxxxxxxxxxx
<mailto:nick_holmes@xxxxxxxxxxxxxxxx> ]

Sent: Friday, November 19, 2004 06:27

To: [ISAserver.org Discussion List]

Subject: [isalist] RE: SSL over custom Port / Not Standard

http://www.ISAserver.org <http://www.isaserver.org/> 

 

Hi Jim,

you mean i should make 2 entries for each port?

i.e.

msFPCTunnelLowPort 443

msFPCTTunnelHighPort 443

msFPCTunnelLowPort 6969

msFPCTTunnelHighPort 6969

Like this it should allow only ssl on these 2 particular ports? Am I on
the correct path?

Thanks.

Regards,

Nick holmes

--- "Jim Harrison" <Jim@xxxxxxxxxxxx> wrote:

From: "Jim Harrison" <Jim@xxxxxxxxxxxx>

Date: Fri, 19 Nov 2004 06:10:27 -0800

To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>

Subject: [isalist] RE: SSL over custom Port / Not Standard

http://www.ISAserver.org <http://www.isaserver.org/> 

That happens because you entered 443-6969.

Only enter the ports you know you need.

Jim Harrison

MCP(NT4, W2K), A+, Network+, PCG

http://isaserver.org/Jim_Harrison/ <http://isaserver.org/Jim_Harrison/> 

http://isatools.org <http://isatools.org/> 

Read the help / books / articles!

 

-----Original Message-----

From: Nick Holmes [mailto:nick_holmes@xxxxxxxxxxxxxxxx
<mailto:nick_holmes@xxxxxxxxxxxxxxxx> ]

Sent: Friday, November 19, 2004 1:15 AM

To: [ISAserver.org Discussion List]

Subject: [isalist] RE: SSL over custom Port / Not Standard

http://www.ISAserver.org <http://www.isaserver.org/> 

Hi, 

solution worked :) Tahnks..

edited the registry manually.

Though , another question, just for cuiriosity. Like this ISA will allow
SSL traffice from port 443 up to port 6969. Is there a way not to allow
this but just ssl traffic only on those 2 specific ports?

Regards,

Nick Holmes.

--- "Ara" <ara@xxxxxxxxxx> wrote:

From: "Ara" <ara@xxxxxxxxxx>

Date: Thu, 18 Nov 2004 10:47:21 -0500

To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>

Subject: [isalist] RE: SSL over custom Port / Not Standard

http://www.ISAserver.org <http://www.isaserver.org/> 

 

Hello

http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=24;t=000168
<http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=24;t=000168>


 

 

 

 

________________________________

From: Nick Holmes [mailto:nick_holmes@xxxxxxxxxxxxxxxx
<mailto:nick_holmes@xxxxxxxxxxxxxxxx> ]

Sent: November 18, 2004 10:38 AM

To: [ISAserver.org Discussion List]

Subject: [isalist] SSL over custom Port / Not Standard

 

 

http://www.ISAserver.org <http://www.isaserver.org/> 

Hi, I have an SSL webpage running on port 10000 (not on the standard

port 443), which is on the internet. I want to access it from my

network (from behind ISA 2004). Gave my machine access on all protocols

and all locations. I even specified port 6969 as a user defined

protocol. Though when i try to access this site through isa server 2004

I get this error. Any idea please?

 

 

Network Access Message: The page cannot be displayed

 

 

 

 

 

 

Technical Information (for Support personnel) 

* Error Code: 502 Proxy Error. The specified Secure Sockets Layer

(SSL) port is not allowed. ISA Server is not configured to allow SSL

requests from this port. Most Web browsers use port 443 for SSL

requests. (12204) 

* IP Address: XXX.XXX.XXX.XXX 

* Date: 11/18/2004 3:36:29 PM 

Regards,

Nick Holmes

 

 

 

 

 

________________________________

Free, simple, fast, memorable email 

Become you@xxxxxxxxxxxxxxxx at http://www.emailaccount.com/
<http://www.emailaccount.com/> 

------------------------------------------------------

List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
<http://www.webelists.com/cgi/lyris.pl?enter=isalist> 

ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
<http://www.isaserver.org/pages/newsletter.asp> 

ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
<http://www.isaserver.org/pages/larticle.asp?type=FAQ> 

------------------------------------------------------

Other Internet Software Marketing Sites:

World of Windows Networking: http://www.windowsnetworking.com
<http://www.windowsnetworking.com/> 

Leading Network Software Directory: http://www.serverfiles.com
<http://www.serverfiles.com/> 

No.1 Exchange Server Resource Site: http://www.msexchange.org
<http://www.msexchange.org/> 

Windows Security Resource Site: http://www.windowsecurity.com/
<http://www.windowsecurity.com/> 

Network Security Library: http://www.secinf.net/
<http://www.secinf.net/> 

Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
<http://www.ntfaxfaq.com/> 

------------------------------------------------------

You are currently subscribed to this ISAserver.org Discussion List as:

ara@xxxxxxxxxx

To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
<http://www.webelists.com/cgi/lyris.pl?enter=isalist> 

Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------

List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
<http://www.webelists.com/cgi/lyris.pl?enter=isalist> 

ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
<http://www.isaserver.org/pages/newsletter.asp> 

ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
<http://www.isaserver.org/pages/larticle.asp?type=FAQ> 

------------------------------------------------------

Other Internet Software Marketing Sites:

World of Windows Networking: http://www.windowsnetworking.com
<http://www.windowsnetworking.com/> 

Leading Network Software Directory: http://www.serverfiles.com
<http://www.serverfiles.com/> 

No.1 Exchange Server Resource Site: http://www.msexchange.org
<http://www.msexchange.org/> 

Windows Security Resource Site: http://www.windowsecurity.com/
<http://www.windowsecurity.com/> 

Network Security Library: http://www.secinf.net/
<http://www.secinf.net/> 

Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
<http://www.ntfaxfaq.com/> 

------------------------------------------------------

You are currently subscribed to this ISAserver.org Discussion List as:

nick_holmes@xxxxxxxxxxxxxxxx

To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
<http://www.webelists.com/cgi/lyris.pl?enter=isalist> 

Report abuse to listadmin@xxxxxxxxxxxxx 

 

________________________________

Free, simple, fast, memorable email 

Become you@xxxxxxxxxxxxxxxx at http://www.emailaccount.com/
<http://www.emailaccount.com/> 

------------------------------------------------------

List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
<http://www.webelists.com/cgi/lyris.pl?enter=isalist> 

ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
<http://www.isaserver.org/pages/newsletter.asp> 

ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
<http://www.isaserver.org/pages/larticle.asp?type=FAQ> 

------------------------------------------------------

Other Internet Software Marketing Sites:

World of Windows Networking: http://www.windowsnetworking.com
<http://www.windowsnetworking.com/> 

Leading Network Software Directory: http://www.serverfiles.com
<http://www.serverfiles.com/> 

No.1 Exchange Server Resource Site: http://www.msexchange.org
<http://www.msexchange.org/> 

Windows Security Resource Site: http://www.windowsecurity.com/
<http://www.windowsecurity.com/> 

Network Security Library: http://www.secinf.net/
<http://www.secinf.net/> 

Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
<http://www.ntfaxfaq.com/> 

------------------------------------------------------

You are currently subscribed to this ISAserver.org Discussion List as:

jim@xxxxxxxxxxxx

To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
<http://www.webelists.com/cgi/lyris.pl?enter=isalist> 

Report abuse to listadmin@xxxxxxxxxxxxx 

All mail to and from this domain is GFI-scanned.

 

------------------------------------------------------

List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
<http://www.webelists.com/cgi/lyris.pl?enter=isalist> 

ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
<http://www.isaserver.org/pages/newsletter.asp> 

ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
<http://www.isaserver.org/pages/larticle.asp?type=FAQ> 

------------------------------------------------------

Other Internet Software Marketing Sites:

World of Windows Networking: http://www.windowsnetworking.com
<http://www.windowsnetworking.com/> 

Leading Network Software Directory: http://www.serverfiles.com
<http://www.serverfiles.com/> 

No.1 Exchange Server Resource Site: http://www.msexchange.org
<http://www.msexchange.org/> 

Windows Security Resource Site: http://www.windowsecurity.com/
<http://www.windowsecurity.com/> 

Network Security Library: http://www.secinf.net/
<http://www.secinf.net/> 

Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
<http://www.ntfaxfaq.com/> 

------------------------------------------------------

You are currently subscribed to this ISAserver.org Discussion List as:
nick_holmes@xxxxxxxxxxxxxxxx

To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
<http://www.webelists.com/cgi/lyris.pl?enter=isalist> 

Report abuse to listadmin@xxxxxxxxxxxxx

 

 

________________________________

Free, simple, fast, memorable email 

Become you@xxxxxxxxxxxxxxxx at http://www.emailaccount.com/
<http://www.emailaccount.com/> 

------------------------------------------------------

List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
<http://www.webelists.com/cgi/lyris.pl?enter=isalist> 

ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
<http://www.isaserver.org/pages/newsletter.asp> 

ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
<http://www.isaserver.org/pages/larticle.asp?type=FAQ> 

------------------------------------------------------

Other Internet Software Marketing Sites:

World of Windows Networking: http://www.windowsnetworking.com
<http://www.windowsnetworking.com/> 

Leading Network Software Directory: http://www.serverfiles.com
<http://www.serverfiles.com/> 

No.1 Exchange Server Resource Site: http://www.msexchange.org
<http://www.msexchange.org/> 

Windows Security Resource Site: http://www.windowsecurity.com/
<http://www.windowsecurity.com/> 

Network Security Library: http://www.secinf.net/
<http://www.secinf.net/> 

Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
<http://www.ntfaxfaq.com/> 

------------------------------------------------------

You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx

To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
<http://www.webelists.com/cgi/lyris.pl?enter=isalist> 

Report abuse to listadmin@xxxxxxxxxxxxx 

All mail to and from this domain is GFI-scanned.

 

------------------------------------------------------

List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
<http://www.webelists.com/cgi/lyris.pl?enter=isalist> 

ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
<http://www.isaserver.org/pages/newsletter.asp> 

ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
<http://www.isaserver.org/pages/larticle.asp?type=FAQ> 

------------------------------------------------------

Other Internet Software Marketing Sites:

World of Windows Networking: http://www.windowsnetworking.com
<http://www.windowsnetworking.com/> 

Leading Network Software Directory: http://www.serverfiles.com
<http://www.serverfiles.com/> 

No.1 Exchange Server Resource Site: http://www.msexchange.org
<http://www.msexchange.org/> 

Windows Security Resource Site: http://www.windowsecurity.com/
<http://www.windowsecurity.com/> 

Network Security Library: http://www.secinf.net/
<http://www.secinf.net/> 

Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
<http://www.ntfaxfaq.com/> 

------------------------------------------------------

You are currently subscribed to this ISAserver.org Discussion List as:
robert@xxxxxxx

To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
<http://www.webelists.com/cgi/lyris.pl?enter=isalist> 

Report abuse to listadmin@xxxxxxxxxxxxx

 


 

________________________________

Free, simple, fast, memorable email 
Become you@xxxxxxxxxxxxxxxx at http://www.emailaccount.com/
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

All mail to and from this domain is GFI-scanned.

Other related posts:

• » SSL over custom Port / Not Standard
• » RE: SSL over custom Port / Not Standard
• » RE: SSL over custom Port / Not Standard
• » RE: SSL over custom Port / Not Standard
• » RE: SSL over custom Port / Not Standard
• » RE: SSL over custom Port / Not Standard
• » RE: SSL over custom Port / Not Standard
• » RE: SSL over custom Port / Not Standard
• » RE: SSL over custom Port / Not Standard
• » RE: SSL over custom Port / Not Standard

1. Home
2. isalist
3. Archive
4. 11-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---