• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

website using non-standard ssl port

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> General >> website using non-standard ssl port Page: [1]
Login
Message << Older Topic   Newer Topic >>
website using non-standard ssl port - 8.Jan.2010 9:33:20 AM   
manoa115

 

Posts: 47
Joined: 7.Mar.2005
From: Philadelphia
Status: offline
I did a search on this site without any being able to correct my problem.  I have a request to allow access to http://www.school.edu/service which redirect the users to a SSL site, https://adminweb.school.edu:44380.  I used ISAtpre tool to add the custom port 44380 and verify it with isa_tpr.js.  When i double click on the isa_tpr.js, I get "Your current Tunnel Port Range List:" 563, 44380 and 443.  My users are SecureNat so I proceeded to create an outbound  Access Rule for this custom protocol I created in my User-Defined.  I am still getting the Internet Explorer "cannot display the webpage."  I use the same link on a non-isa network and it launches fine.  What else am I missing?
Post #: 1
RE: website using non-standard ssl port - 8.Jan.2010 10:57:20 AM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

what does ISA logs tells you?

Regards,
Paulo Oliveira.

_____________________________

Microsoft Premier Field Engineer (PFE)
Blog: http://poliveirasilva.wordpress.com/
Twitter: https://twitter.com/poliveirasilva

(in reply to manoa115)
Post #: 2
RE: website using non-standard ssl port - 8.Jan.2010 2:09:19 PM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
Restart your server.

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to manoa115)
Post #: 3
RE: website using non-standard ssl port - 14.Jan.2010 12:22:36 PM   
manoa115

 

Posts: 47
Joined: 7.Mar.2005
From: Philadelphia
Status: offline
Sorry but I was tied up with more pressing matter.  Anyway, I deleted the URL set and created a Domain Name Sets (*.rowan.edu).  I create an Access list with Action=Allow  => Ptotocols=User Defined (port 44380) => From/Listener=Internal => To=Domain Name Sets(*.rowan.edu) => Condition=All Users.  I edited a filter using the static IP of the system I am using to try and access the URL.  After I get the page can not be displayed, I stopped the query and it does not indicate or gave me any info I thought was useful:  I have

Original Client IP          Client Agent      Authenticated Client      Service Server Name    Referring Server  Destination Host Name Transport         MIME Type       Object Source   Source Proxy            Destination Proxy         Bidirectional      Client Host Name          Filter Information            Network Interface         Raw IP Header Raw Payload    GMT Log Time Source Port            Processing Time          Bytes Sent        Bytes Received Result Code      HTTP Status Code            Cache Information         Error Information           Log Record Type          Authentication Server  Log Time          Destination IP   Destination Port            Protocol            Action   Rule            Client IP           Client Username           Source Network            Destination Network            HTTP Method   URL
10.1.1.160                                            DEFISA            -                       TCP     -                                                                       -                                               1/14/2010 5:08:03 PM   1479     0            0          0          0x0 ERROR_SUCCESS                        0x0       0x0       Firewall -            1/14/2010 12:08:03 PM  150.250.64.80   80        HTTP   Initiated Connection      Internet Access 10.1.1.160                    Internal External            -           -
0.0.0.0  Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; InfoPath.2)            Yes      Proxy   DEFISA                        150.250.64.80   TCP                 Internet -           -                        -           Req ID: 04ec38a8; Compression: client=No, server=No, compress rate=0% decompress rate=0%    -           -           -           1/14/2010 5:08:04 PM   0          47        759       211                        302       0x40000000      0x400   Web Proxy Filter                       1/14/2010 12:08:04 PM       150.250.64.80   80        http      Allowed Connection       Internet Access 10.1.1.160            anonymous       Internal External            GET     http://150.250.64.80/selfservice
10.1.1.160                                            DEFISA            -                       TCP     -                                                                       -                                               1/14/2010 5:09:04 PM   1479            61031   0          759       0x80074e24 FWX_E_CONNECTION_KILLED                0x0       0x0            Firewall -           1/14/2010 12:09:04 PM  150.250.64.80   80        HTTP   Closed Connection            Internet Access 10.1.1.160                    Internal External            -           -

I have also check after a reboot to make sure the tunnel range included 44380.  Any ideas would be much appreciated.

(in reply to elmajdal)
Post #: 4
RE: website using non-standard ssl port - 19.Jan.2010 11:18:51 AM   
manoa115

 

Posts: 47
Joined: 7.Mar.2005
From: Philadelphia
Status: offline
Does anyone know what else I can try to solve this issue?  I tried everything I can find.  The log filter I created have not given me anything to go by since it doesn't show any denied.  It pretty much show it closed the connection and nothing further.  I tried using the Cscript command and it states that the port already exist and I have restarted the ISA server much to make sure.  The site is http://www.rowan.edu/selfservice if anyone wants to give it a try and let me know.

(in reply to manoa115)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> General >> website using non-standard ssl port Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts