• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

502 proxy error - Host in unreachable 10065

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 General] >> General >> 502 proxy error - Host in unreachable 10065 Page: [1]
Login
Message << Older Topic   Newer Topic >>
502 proxy error - Host in unreachable 10065 - 25.Apr.2003 3:26:00 PM   
Guest
What is up with this thing?! Some sites I can get to, some sites I get the 502 error. Some https sites work, others show a blank page with 'done' on the bottom. And can anyone please explain to me WHY, if everything is set to allow, I have to set up another protocol rule for https??! Mind you this isn't a complicated setup. One ISA server, 2 NICs, and an ISP. On top of that, some of the sites that I can get to are slow to respond. Can anybody help me??
  Post #: 1
RE: 502 proxy error - Host in unreachable 10065 - 25.Apr.2003 9:37:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi kevinl,

check out your basic ISA server configuration. Use Jim's excellent article http://www.isaserver.org/tutorials/Configuring_ISA_Server_Interface_Settings.html as baseline. Also, test and test again that you can resolve internal and external DNS names. Use the nslookup command for that.

For the HTTPS access, I assume you have already enabled HTTP, HTTPS in a protocol rule. Make sure that in IE -> Internet Options -> Advanced, 'Use HTTP 1.1 through proxy connections' is enabled.

BTW --- do you have to connect to unstandard HTTP/HTTPS ports?

HTH,
Stefaan

(in reply to Guest)
Post #: 2
RE: 502 proxy error - Host in unreachable 10065 - 29.Apr.2003 3:07:00 PM   
Guest
Thanks for responding spouseele,

I already have a proto rule for http,https. I did look at the article and setup like that, but we dont have an internal DNS server. We have an ISP DNS for internet. If I use nslookup on an internal pc all I get is "default server unknown address: 127.0.0.1" I can still get to sites on the internet. And I think my problem is no longer getting to https sites, but getting to certain sites, regular or secure. Especially sites that redirect or open another window, and some sites just give me 502 proxy error.

(in reply to Guest)
  Post #: 3
RE: 502 proxy error - Host in unreachable 10065 - 29.Apr.2003 10:13:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi kevinl,

OK. If you don't have an internal DNS server, ISA can do DNS name resolving on behalf of a Web Proxy and Firewall client, *not* on behalf of a SecureNAT client. So, make sure your ISP DNS servers are listed in the TCP/IP properties of the ISA interfaces and test the DNS resolving from ISA server itself. Of course make sure you have enabled the default DNS packet filters on ISA server.

HTH,
Stefaan

(in reply to Guest)
Post #: 4
RE: 502 proxy error - Host in unreachable 10065 - 1.May2003 4:32:00 PM   
Guest
Hey Stefaan,

Ok, check this out. I setup another isa server for a test. Installed just as a cache server, not integrated. No problems found. And the speed is blazing in contrast to the first server. In reference to DNS IP adresses on the isa interfaces, put on just the external, or internal and external? I have it just on the external. I still want to know why if I have NO RESTRICTIONS on anything, why do I have to specify ANOTHER protocol rule for HTTPS? And that doesn't even cover why I can get to some regular http sites and I can't get other regular http sites. I understand I am venting, sorry, but nobody can explain these problems to me.

THANKS!

(in reply to Guest)
  Post #: 5
RE: 502 proxy error - Host in unreachable 10065 - 1.May2003 6:23:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi kevinl,

because you don't have an internal DNS, you can place the DNS IP adresses on both interfaces. If you done that, can you do a nslookup from ISA server itself, especially those sites which you can't access?

Next, set IE on ISA server to use the ISA internal interface port 8080 as proxy server. What happens then? Can you access all the sites or do you have the same problem?

Maybe something is screwed-up and rebuilding the box is the fastest solution! [Big Grin]

HTH,
Stefaan

(in reply to Guest)
Post #: 6
RE: 502 proxy error - Host in unreachable 10065 - 1.May2003 7:08:00 PM   
Guest
Hey thanks again for all your help. I think I will just rebuild and go from there. Thanks again!

(in reply to Guest)
  Post #: 7

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 General] >> General >> 502 proxy error - Host in unreachable 10065 Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts