
ldaps between domain controller and isa 2006 failing.

ldaps between domain controller and isa 2006 failing. - 24.Feb.2012 12:12:39 PM   
kblackwel

 

I have a single-homed ISA server in a DMZ. I've opened up all the ports needed. But I cannot seem to LDAPS auth to my domain controller.

The firewall is not blocking any ports.

I read this article about running netmon and looking at the TLS handshake.

Troubleshooting Forms Base Authentication using Secure LDAP Authentication on ISA Server 2006

About halfway down the page it shows a correct transmission, but it is expired.

I think my problem is it's requesting the wrong certificate.

When the ISA communicates with the domain controller, it's supplying the domain controller's certificate.

What do I need to do to resolve the problem?



Frame: Number = 46, Captured Frame Length = 1434, MediaType = ETHERNET
+ Ethernet: Etype = Internet IP (IPv4),DestinationAddress:[00-0D-56-6F],SourceAddress:[00-02-B3-E8]
+ Ipv4: Src = 192.168.xxx.xx, Dest = 192.168.xxx.xxx, Next Protocol = TCP, Packet ID = 32567, Total IP Length = 1420
+ Tcp: Flags=...A...., SrcPort=ldap protocol over TLS/SSL (was sldap)(636), DstPort=1208, PayloadLen=1380, Seq=1604438344 - 1604439724, Ack=2229901823, Win=65454 (scale factor 0x0) = 65454
TLSSSLData: Transport Layer Security (TLS) Payload Data
- TLS: TLS Rec Layer-1 HandShake: Server Hello. Certificate.
- TlsRecordLayer: TLS Rec Layer-1 HandShake:
ContentType: HandShake:
+ Version: TLS 1.0
Length: 5280 (0x14A0)
- SSLHandshake: SSL HandShake Certificate(0x0B)
HandShakeType: ServerHello(0x02)
Length: 77 (0x4D)
+ ServerHello: 0x1
HandShakeType: Certificate(0x0B)
Length: 1396 (0x574)
- Cert: 0x1
CertLength: 1393 (0x571)
- Certificates:
CertificateLength: 1390 (0x56E)
- X509Cert: Issuer: XXX,xxx,local, Subject: dc2.xxx.local
+ SequenceHeader:
- TbsCertificate: Issuer: XXX,xxx,local, Subject: dc2.xxx.local
+ SequenceHeader:
+ Tag0:
+ Version: v3 (2)
+ SerialNumber: 0x1e2b106e000000000029
+ Signature: Sha1WithRSAEncryption (1.2.840.113549.1.1.5)
+ Issuer: XXX,xxx,local
+ Validity: From: 08/27/11 21:14:27 UTC To: 08/26/12 21:14:27 UTC
+ Subject: dc2.xxx.local
+ SubjectPublicKeyInfo: RsaEncryption (1.2.840.113549.1.1.1)
+ Tag3:
+ Extensions:
+ SignatureAlgorithm: Sha1WithRSAEncryption (1.2.840.113549.1.1.5)
+ Signature:
Certificates:
Post #: 1
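
An added example, not part of the original post or of ISA Server: it reads the Validity and Subject lines from a decode laid out like the one above and applies the two checks a TLS client makes on a server certificate, the validity period and the name it was told to connect to. The sample decode, `dc2.example.local`, `EXAMPLE-CA` and all function names are constructed for illustration; only the subject name is compared, because the decode above does not expand the certificate's extensions.

```python
import re
from datetime import datetime, timezone

# Constructed sample, laid out like the Network Monitor decode in the post.
SAMPLE_DECODE = """\
- X509Cert: Issuer: EXAMPLE-CA, Subject: dc2.example.local
+ Validity: From: 08/27/11 21:14:27 UTC To: 08/26/12 21:14:27 UTC
+ Subject: dc2.example.local
"""

VALIDITY_RE = re.compile(r"Validity: From: (\S+ \S+) UTC To: (\S+ \S+) UTC")
SUBJECT_RE = re.compile(r"^\+ Subject: (\S+)\s*$", re.MULTILINE)


def parse_decode(text):
    """Pull the subject name and validity window out of the decode text."""
    validity, subject = VALIDITY_RE.search(text), SUBJECT_RE.search(text)
    if not validity or not subject:
        raise ValueError("decode has no Validity or Subject line")
    start, end = (
        datetime.strptime(stamp, "%m/%d/%y %H:%M:%S").replace(tzinfo=timezone.utc)
        for stamp in validity.groups()
    )
    return {"subject": subject.group(1), "not_before": start, "not_after": end}


def name_matches(configured, subject):
    """Case-insensitive match; a leading '*.' covers exactly one label."""
    configured = configured.lower().rstrip(".")
    subject = subject.lower().rstrip(".")
    if subject.startswith("*."):
        head, _, tail = configured.partition(".")
        return bool(head) and tail == subject[2:]
    return configured == subject


def check_server_cert(text, configured_name, when):
    """Return a list of problems; an empty list means both checks pass."""
    cert = parse_decode(text)
    problems = []
    if when < cert["not_before"]:
        problems.append("not yet valid")
    if when > cert["not_after"]:
        problems.append("expired")
    if not name_matches(configured_name, cert["subject"]):
        problems.append(f"name mismatch: {configured_name} vs {cert['subject']}")
    return problems
```

Pass the server name exactly as it is entered on the client side and the time of the capture; a short name or an IP address is reported as a mismatch against a certificate issued to the FQDN.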
