RE: bridging, ssl, Rita, and everything...

  • From: "G.Waleed Kavalec" <kavalec@xxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 23 Sep 2005 09:45:45 -0500

Ideally all the state sites (5) would run off of one external IP; they
are all in the same domain, but on different web servers.

But I'm not going to get DNS added in time for Rita, so it seems to be
turning moot.  I have mapped one-for-one now and it is working.

IF  I had DNS for site1.backup.mycompany.com and
site2.backup.mycompany.com... etc., all mapped to 12.34.56.78 would
that serve what I was trying to do?


On 9/23/05, Thomas W Shinder <tshinder@xxxxxxxxxxx> wrote:
> http://www.ISAserver.org
>
> Hi Waleed,
>
> OK, I went to the site. Do you want to host all those sites in the same
> domain? Are you terminating the SSL connection at the ISA firewall?
>
> Thanks!
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
>
>
>
> > -----Original Message-----
> > From: G.Waleed Kavalec [mailto:kavalec@xxxxxxxxx]
> > Sent: Friday, September 23, 2005 8:34 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: bridging, ssl, Rita, and everything...
> >
> > http://www.ISAserver.org
> >
> > Yes, I'll send you the real ip off list.
> >
> > Our T1's carry the "normal" FQDN traffic through one firewall (were
> > our certs live) we bridge over to http at that point.
> >
> > This effort is a - real quick now! - effort to give alternate access
> > to our sites via satellite in case Rita compromises land lines for a
> > prolonged time.
> >
> > The sat modem goes to a second firewall - with a copy of all certs -
> > and the same https-to-http bridging happens there.  (working as of
> > yesterday)
> >
> > I was *hoping* for a way to serve several (ssl) sites per IP this way.
> >
> >
> >
> > On 9/23/05, Thomas W Shinder <tshinder@xxxxxxxxxxx> wrote:
> > > http://www.ISAserver.org
> > >
> > > Are you referring to SSL bridging?
> > >
> > > Thomas W Shinder, M.D.
> > > Site: www.isaserver.org
> > > Blog: http://spaces.msn.com/members/drisa/
> > > Book: http://tinyurl.com/3xqb7
> > > MVP -- ISA Firewalls
> > >
> > >
> > >
> > > > -----Original Message-----
> > > > From: G.Waleed Kavalec [mailto:kavalec@xxxxxxxxx]
> > > > Sent: Friday, September 23, 2005 7:22 AM
> > > > To: [ISAserver.org Discussion List]
> > > > Subject: [isalist] RE: bridging, ssl, Rita, and everything...
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > > Not exactly.  I have one https://12.34.56.78 type url
> > > > successfully bridging.
> > > >
> > > > But your saying I need 5 ips to do 5 sites?
> > > >
> > > >
> > > > On 9/22/05, Thomas W Shinder <tshinder@xxxxxxxxxxx> wrote:
> > > > > http://www.ISAserver.org
> > > > >
> > > > > You're going to need to use FQDNs if you want to use
> > SSL bridging.
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: G.Waleed Kavalec [mailto:kavalec@xxxxxxxxx]
> > > > > > Sent: Thursday, September 22, 2005 4:29 PM
> > > > > > To: [ISAserver.org Discussion List]
> > > > > > Subject: [isalist] bridging, ssl, Rita, and everything...
> > > > > >
> > > > > > http://www.ISAserver.org
> > > > > >
> > > > > > On ISA 2000 standard we are trying to set up a small backup
> > > > > > access to our sites via Direcway.
> > > > > >
> > > > > > Is it possible to use one external IP plus the path parameter
> > > > > > to direct users to various https sites?
> > > > > >
> > > > > > Example
> > > > > >
> > > > > >     https://123.45.67.8/service1   bridged to
> > > > > > http://service1.internal.com
> > > > > >     https://123.45.67.8/service2   bridged to
> > > > > > http://service2.internal.com
> > > > > >     https://123.45.67.8/service3   bridged to
> > > > > > http://service3.internal.com
> > > > > >
> > > > > > At the moment I can get through the firewall with web
> > > > > > publishing, but trying the above gets first the standard
> > > > > > ssl-cert message, then page not found.
> > > > > >
> > > > > > I'm suspecting it is the fact that the ssl cert name doesn't
> > > > > > match that is kicking me out, if so is there any workaround?
> > > > > >
> > > > > > --
> > > > > > thanks
> > > > > > G. Waleed Kavalec
> > > > > >
> > > > > > ------------------------------------------------------
> > > > > > List Archives:
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > > > ISA Server Newsletter:
> > > > http://www.isaserver.org/pages/newsletter.asp
> > > > > > ISA Server FAQ:
> > > > http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > > > > ------------------------------------------------------
> > > > > > Visit TechGenix.com for more information about our
> > other sites:
> > > > > > http://www.techgenix.com
> > > > > > ------------------------------------------------------
> > > > > > You are currently subscribed to this ISAserver.org Discussion
> > > > > > List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
> > > > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > > > >
> > > > > > --
> > > > > > Internal Virus Database is out-of-date.
> > > > > > Checked by AVG Anti-Virus.
> > > > > > Version: 7.0.344 / Virus Database: 267.11.0/103 - Release
> > > > > > Date: 9/15/2005
> > > > > >
> > > > > >
> > > > >
> > > > > --
> > > > > Internal Virus Database is out-of-date.
> > > > > Checked by AVG Anti-Virus.
> > > > > Version: 7.0.344 / Virus Database: 267.11.0/103 - Release
> > > > Date: 9/15/2005
> > > > >
> > > > >
> > > > > ------------------------------------------------------
> > > > > List Archives:
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > > > > ISA Server FAQ:
> > http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > > > ------------------------------------------------------
> > > > > Visit TechGenix.com for more information about our other sites:
> > > > > http://www.techgenix.com
> > > > > ------------------------------------------------------
> > > > > You are currently subscribed to this ISAserver.org
> > > > Discussion List as: kavalec@xxxxxxxxx
> > > > > To unsubscribe visit
> > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > > >
> > > >
> > > >
> > > > --
> > > >
> > > > G. Waleed Kavalec
> > > >   http://www.IslamAwakened.com/Quran
> > > > ----------------------------------------
> > > >  Bush's War Killed New Orleans
> > > >
> > > > ------------------------------------------------------
> > > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > > > ISA Server FAQ:
> > http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > > ------------------------------------------------------
> > > > Visit TechGenix.com for more information about our other sites:
> > > > http://www.techgenix.com
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this ISAserver.org Discussion
> > > > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > > > To unsubscribe visit
> > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > >
> > > >
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org
> > Discussion List as: kavalec@xxxxxxxxx
> > > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> >
> >
> > --
> >
> > G. Waleed Kavalec
> >   http://www.IslamAwakened.com/Quran
> > ----------------------------------------
> >  Bush's War Killed New Orleans
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion
> > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as: 
> kavalec@xxxxxxxxx
> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>


--

G. Waleed Kavalec
  http://www.IslamAwakened.com/Quran
----------------------------------------
 Bush's War Killed New Orleans

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 09-2005