I have a ISA 2000 SP2 and Feature Pack 1 server running on windows 2003 server (member server). It is a brand new install, and everything is in its default state except the following.
A) Assigned an inbound web listner and SSL enabled it (port 80 and 443)
B) Assigned an outbound web listner on port 8080 and SSL enabled it to 8443.
C) I created a Protocol rule to allow all outbound traffic.
D) Obviously, ISA install created a default allow all Site and Content rule.
E) I enabled IP packet filtering, IP routing, Intrusion detection, Fragmented packet filtering and PPTP.
F) Created a Server Publishing rule. Mapped an internal IP to the external NIC's IP and added HTTPS server protocol from the defination.
G) Diabled the HTTP redirector
H) Installed certificate on the IIS server and enabled SSL.
The server is a secureNAT client. I am using my windows XP machine, which is also a SecureNAT client, to access the https://page.mycompany.com from behind the ISA. But I couldn't access the site. IE stays there for a while and says "DNS error or server can't be found". Only this HTTPS site gives me this trouble. Other HTTP and HTTPS traffics flows in and out normally. Particularly, incoming https requests for this site from the internet are fine. It's just I am having trouble if I access it from the intranet.
However, if I set my browser to use the proxy client at ISAserver 8080, I can access the page without any trouble at all.
Shouldn't SecureNAT clients bypass the HTTP redirector and webproxy?
DNS,DHCP, etc servers are fine. Webserver and ISA can be pinged both ways.