• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

https not passing trough

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> HTTP Filtering >> https not passing trough Page: [1]
Login
Message << Older Topic   Newer Topic >>
https not passing trough - 23.Sep.2009 9:37:24 AM   
aka_zedweb

 

Posts: 2
Joined: 16.Mar.2007
Status: offline
Here we have an ISA 2006, recently patched, with 2 NIC's (inbound and outbound on different networks - switch > router), configured as an edge firewall with NAT network relationship!
I've set up a new firewall policy rule that states that certain users from certain computers can only access certain websites. Got the plain http sites working perfectly and blocked all others, but as soon as someone goes to the https portions of the sites traffic gets denied! I get a "Error code 502 Proxy Error . The ISA server denied the specified Uniform Resource Locator (12202).
My regular users that have generalized access don't have this problem, all goes well.
In my view site allow rules only work on http prefixes, I've added them with the https prefix but same result!
ISA monitoring states that SSL-Tunnel on 443 destination port is denied access!
I've already tried adding the intended target domains to the network exceptions for direct access but no go!
I've also tried both settings on bridging portion in the web chaining config, redirect SSL requests as http or SSL but result is the same. Donīt have an certificate to install for the intention is to get those users registered in the sites and then they will provide individual certificates for each user.
Please help!
Post #: 1
RE: https not passing trough - 23.Sep.2009 11:52:29 AM   
Jason Jones

 

Posts: 4663
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
You need to use domain name sets for HTTPS, not URL sets...

Cheers

JJ

_____________________________

Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to aka_zedweb)
Post #: 2
RE: https not passing trough - 24.Sep.2009 10:36:31 AM   
aka_zedweb

 

Posts: 2
Joined: 16.Mar.2007
Status: offline
Seems to work like a charm! Will go trough all the necessary steps and report further!
Many thanks!

(in reply to Jason Jones)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> HTTP Filtering >> https not passing trough Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts