• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Multiple Listeners (diff IPs) with Same Certificate

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Web Publishing >> Multiple Listeners (diff IPs) with Same Certificate Page: [1]
Login
Message << Older Topic   Newer Topic >>
Multiple Listeners (diff IPs) with Same Certificate - 23.Apr.2009 9:41:43 PM   
chrisgibbs

 

Posts: 16
Joined: 1.Apr.2009
Status: offline
Hi All,

First up, I will point out this is a bit of a weird setup im trying to accomplish here but here goes......

We have a production site that at the moment allows clients to auth directly to a single SAP server via a HTTPS web publishing rule. This rule has a dedicated listener with a DMZ IP and certificate applied to it.

We have been staging rules for cutover to the new environment where publishing the same domain name to a web farm. This uses a different listener and different dedicated DMZ IP but uses the same certificate as the previous rule.

Our problem is that I briefly tested this setup and noticed that the current production kind of forwards traffic but goes into some kind of redirection loop, while the new environment works correctly.

I'm in the process of replicating the rules to our test environment to conduct more investigation but if someone could shed some light that would be extremely helpful :)

Thanks

Chris
Post #: 1
RE: Multiple Listeners (diff IPs) with Same Certificate - 24.Apr.2009 8:00:48 AM   
Jason Jones

 

Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
Hi Chris,

Any chance of details of your publishing rules?

Cheers

JJ

_____________________________

Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to chrisgibbs)
Post #: 2
RE: Multiple Listeners (diff IPs) with Same Certificate - 29.Apr.2009 12:37:19 AM   
chrisgibbs

 

Posts: 16
Joined: 1.Apr.2009
Status: offline
Hi Jason,

Hopefully this make sense:

Web Publishing Rules:
Name: Site1.somedomain.com
Type: Publish to Single Server (10.0.0.100)
Listener: Lis1 (192.168.246.100) SSL with certifcate for site1.somedomain.com
Public Name: site1.somedomain.com
Bridging: SSL TCP 51500
Authentication Delegation: BASIC
Authentication Settings: Customised HTML Form -> site1
Users: Authenticated Users

Name: Site1_New_ENV.somedomain.com
Type: Publish to WebFarm (10.0.0.101 & 10.0.0.102)
Listener: Lis2 (192.168.246.101) SSL with certifcate for site1.somedomain.com
Public Name: site1.somedomain.com
Bridging: SSL TCP 51500
Authentication Delegation: BASIC
Authentication Settings: Customised HTML Form -> site1
Users: Authenticated Users
Listeners

Name: Lis1
IP Address: 192.168.246.100
Certificate: site1.somedomain.com applied to interface 192.168.246.100
Connections: 80 & 443 (80 redirects to 443)
Authentication: HTML Form Auth with LDAP
SSO: .somedomain.com

Name: Lis2
IP Address: 192.168.246.101
Certificate: site1.somedomain.com applied to interface 192.168.246.101
Connections: 80 & 443 (80 redirects to 443)
Authentication: HTML Form Auth with LDAP
SSO: .somedomain.com
Cheers

Chris

(in reply to Jason Jones)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Web Publishing >> Multiple Listeners (diff IPs) with Same Certificate Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts