Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Discussion about SSL Tunnel Port Range Article
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Discussion about SSL Tunnel Port Range Article - 29.Nov.2004 5:38:00 AM
|
|
|
tshinder
Posts: 47181
Joined: 10.Jan.2001
From: Texas
Status: offline
|
This thread is for discussing the article on extending the ISA firewall's SSL tunnel port range over at http://isaserver.org/articles/2004tunnelportrange.html
Thanks!
Tom
[ November 29, 2004, 07:05 AM: Message edited by: tshinder ]
|
|
|
|
|
RE: Discussion about SSL Tunnel Port Range Article - 29.Nov.2004 7:06:00 AM
|
|
|
tshinder
Posts: 47181
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Ara,
It was just a placeholder. Fixed now.
Thanks!
Tom
|
|
|
|
|
RE: Discussion about SSL Tunnel Port Range Article - 30.Nov.2004 3:59:00 PM
|
|
|
tinto
Posts: 222
Joined: 9.Sep.2004
From: Italy
Status: offline
|
many thanks, I was finally able to add a port.
I had tried with isa_tpr.js /add....
but it did not work, while
cscript isa_..... worked fine!
What's the difference?
|
|
|
|
RE: Discussion about SSL Tunnel Port Range Article - 3.Dec.2004 8:19:00 AM
|
|
|
jneumann
Posts: 8
Joined: 3.Dec.2004
Status: offline
|
Thanks for this great information. We have an actual problem. We need to forward https request to an upstream Proxy on a different port (e.g. 1234).
I configured the second possible port for SSL connections, but how to configure that all request leave at the new port 1234 instead of 1234?
|
|
|
|
|
RE: Discussion about SSL Tunnel Port Range Article - 17.Dec.2004 8:35:00 PM
|
|
|
jrod212
Posts: 1
Joined: 17.Dec.2004
Status: offline
|
The isatools.org site isn't available, therefore these scripts are not available. What happened? Is there somewhere else I could get them from?
|
|
|
|
|
RE: Discussion about SSL Tunnel Port Range Article - 20.Dec.2004 7:53:00 PM
|
|
|
zeograz
Posts: 6
Joined: 9.Dec.2004
Status: offline
|
Does this also apply to a website address that uses non-standard ports in the URL and regular http (not https)?
I am getting blank pages when I try to access these types of URLS (see example below). The page below is the page that I am trying to go to...it is linked to when you click submit on another page.
http://egvsys.miamidade.gov:1608/wwwserv/ggvt/txcaw01.dia?folio=3050190130410
|
|
|
|
|
RE: Discussion about SSL Tunnel Port Range Article - 23.Dec.2004 11:25:00 AM
|
|
|
tshinder
Posts: 47181
Joined: 10.Jan.2001
From: Texas
Status: offline
|
quote:
Originally posted by Arminius:
Thanks for this great information. We have an actual problem. We need to forward https request to an upstream Proxy on a different port (e.g. 1234).
I configured the second possible port for SSL connections, but how to configure that all request leave at the new port 1234 instead of 1234?
Hi Arminius,
This configuration requires Web Proxy chaining.
HTH,
Tom
|
|
|
|
|
RE: Discussion about SSL Tunnel Port Range Article - 23.Dec.2004 11:26:00 AM
|
|
|
tshinder
Posts: 47181
Joined: 10.Jan.2001
From: Texas
Status: offline
|
quote:
Originally posted by jrod212:
The isatools.org site isn't available, therefore these scripts are not available. What happened? Is there somewhere else I could get them from?
Hi J,
Should be up now.
HTH,
Tom
|
|
|
|
|
RE: Discussion about SSL Tunnel Port Range Article - 23.Dec.2004 11:26:00 AM
|
|
|
tshinder
Posts: 47181
Joined: 10.Jan.2001
From: Texas
Status: offline
|
quote:
Originally posted by zeograz:
Does this also apply to a website address that uses non-standard ports in the URL and regular http (not https)?
I am getting blank pages when I try to access these types of URLS (see example below). The page below is the page that I am trying to go to...it is linked to when you click submit on another page.
http://egvsys.miamidade.gov:1608/wwwserv/ggvt/txcaw01.dia?folio=3050190130410
Hi Zeo,
No problem with alternate ports for HTTP. I got there just fine.
HTH,
Tom
|
|
|
|
RE: Discussion about SSL Tunnel Port Range Article - 26.Jan.2005 9:17:00 PM
|
|
|
Guest
|
Can you just change the high port value to 444 (for example) in the SSL entry if port 444 is to be added to the SSL range?
|
|
|
|
|
RE: Discussion about SSL Tunnel Port Range Article - 28.Jan.2005 2:56:00 AM
|
|
|
tshinder
Posts: 47181
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi BW,
Sure, you can make a range of one port.
HTH,
Tom
|
|
|
|
|
RE: Discussion about SSL Tunnel Port Range Article - 21.Feb.2005 12:23:00 PM
|
|
|
hardmandez
Posts: 24
Joined: 16.Feb.2004
Status: offline
|
Hi,
I have tried both opening a port and and using the script and and enabling the web proxy filter but I still can not connect to the HTTPS site. I can not even see any connection being initiated inusing either of the methods I do get a SSL Tunnel Failed. Attempt Allow HTTP/HTTPS requests from ISA Server to selected servers for connectivity verifiers.
Any ideas??
Many thanks
HDZ
|
|
|
|
|
RE: Discussion about SSL Tunnel Port Range Article - 22.Feb.2005 10:26:00 AM
|
|
|
wodger
Posts: 14
Joined: 20.Jan.2005
From: UK
Status: offline
|
Have you restarted the ISA Control Service?
|
|
|
|
|
RE: Discussion about SSL Tunnel Port Range Article - 26.Apr.2005 7:43:00 PM
|
|
|
Robertb68
Posts: 10
Joined: 26.Apr.2005
Status: offline
|
Is this 2004 specific or can I do this with 2000 as well. I have to get to a site with an SSL port of 4443. Thanks
|
|
|
|
|
RE: Discussion about SSL Tunnel Port Range Article - 10.May2005 3:09:00 AM
|
|
|
wayneoakley99
Posts: 1
Joined: 2.Apr.2004
Status: offline
|
guess i am a little thick tonight
used the gui app on isa 2004 and it shows the port i added (8050) (thanks for the app).
but, now what, i really can't figure out what comes next in allowing the use of http://xxx.com:8050 it just gets the proxy error.
the client is configured to use port 8080 on the proxy setting
thanks
wayne
|
|
|
|
|
RE: Discussion about SSL Tunnel Port Range Article - 6.Jun.2005 6:34:00 AM
|
|
|
gavsta
Posts: 1
Joined: 6.Jun.2005
Status: offline
|
I've been trying to download the files listed in this article all morning and have been unable to.
is the isatools.org site down? can anyone help me get the files?
i'm trying to solve a problem where users are trying to access https on french sites which is posing big problems for our finances and want to increase the ssl port range.
any help appreciated.
|
|
|
|
|
RE: Discussion about SSL Tunnel Port Range Article - 8.Jun.2005 4:41:00 PM
|
|
|
bkhorsa
Posts: 2
Joined: 6.Jun.2005
Status: offline
|
Tom;
Your articles have been truly informative. Can you provide some quick feedback on this scenario please:
The internal network has three VLANs courtesy of a Layer 3 switch. The ISA 2004 Firewall is configured with two NICs. Despite entering the addresses of all three VLANs in my Internal network definition, only the firewall clients in the same VLAN as the ISA Server can access the external FTP servers.
Do I need to have four (4) NICs corresponding to the three internal networks and the one external network to make this configuration work? or is there a simpler approach?
Thanks for your guidance.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
![[Big Grin]](/image/smiles/biggrin.gif)
![[Wink]](/image/smiles/wink.gif)
![[Cool]](/image/smiles/cool.gif)
