• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

443 port network interconnection problem

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Access Policies >> 443 port network interconnection problem Page: [1]
Login
Message << Older Topic   Newer Topic >>
443 port network interconnection problem - 14.Jan.2010 8:12:03 AM   
franciskiko

 

Posts: 2
Joined: 14.Jan.2010
Status: offline
Hello,

I have ISA Server 2006 installed and I have a problem connecting two subnets through port 443. Both networks are defined as ranges in the Internal Network and the following access rule is defined to allow traffic:

Protocols: HTTPS (no filters, HTTP (no filters), 8080
From: local host, Internal
To: All networks (And local host), External, Internal
Users: All users

The problem is one subnet (138.0.1.x) cannot access by telnet using port 443 to the other subnet (172.16.146.x) trhough ISA Server, but I can access from the subnet 172.16.146.x to 138.0.1.x. Also, ISA can access both 172.16.146.x and 138.0.1.x using this port.
I have checked logs and the connection is logged by 0x0 ERROR_SUCCESS message, and 1 later it appears 0xc0040038 FWX_E_TCP_NO_SERVER_REPLY message.

I have tried a lot of configurations but I haven't get it. I think it's possible ISA Server is blocking this port From Internal to Internal for some reason that I don't know, because I can access doing 443 telnet to any server of External network.

Thank you in advance.
Kiko
Post #: 1
RE: 443 port network interconnection problem - 14.Jan.2010 12:35:55 PM   
franciskiko

 

Posts: 2
Joined: 14.Jan.2010
Status: offline
I have resolved the problem. It seems ISA Server doesn't work properly if two subnets are defined in the same network and there are rules created between them. I have created a new computer object with containing the IP of one of the machines and I added to the FROM entry of the rule, and now it's working. I don't understand why it didn't work because that IP is included in the Internal network, but I don't know why now it's working in this way.

I hope this information help people with the same problem.

Bye
Kiko.

(in reply to franciskiko)
Post #: 2
RE: 443 port network interconnection problem - 14.Jan.2010 5:05:49 PM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,
quote:

I have resolved the problem. It seems ISA Server doesn't work properly if two subnets are defined in the same network and there are rules created between them.

You should read this article to better understand how ISA Networks works.

http://www.isaserver.org/tutorials/Overview-ISA-TMG-Networking-ISA-Networking-Case-Study-Part1.html

Regards,
Paulo Oliveira.

_____________________________

Microsoft Premier Field Engineer (PFE)
Blog: http://poliveirasilva.wordpress.com/
Twitter: https://twitter.com/poliveirasilva

(in reply to franciskiko)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Access Policies >> 443 port network interconnection problem Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts