Hi everyone, hope you can help a new ISA user.
One of our companies has decided to use ISA server as a web proxy. At the minute I'm testing several situations, including blocking streaming audio, blocking Kazaa and also blocking or allowing products such as MSN Messenger.
I've got one rule blocking protocols such as MMS, PNM and RTSP. My 2nd rule is for internet access and allows FTP, HTTP and HTTPS. If this is left on all content type MSN messenger works. When I change content type to block audio and video content I can no longer sign into messenger. When I run a query I get Denied Connection errors on Port 443 with the SSL-Tunnel protocol.
Can anyone help with this? If any more info is required please contact me,
Since there is an SSL connection involved, the ISA firewall cannot evaluate the content type (since the ISA firewall can't do outbound SSL bridging) and errs on the side of security and blocks the connection.
So is the only way to get messenger to work to leave the rule on 'All Content'? Why is there a protocol for MSN Messenger in ISA 2004 if this won't work? Am I looking at things too simply?? I also tried added a seperate rule with just MSN Messenger as the protocol and still get the same error message.