A Solution for ISA 2004 SP1 + TrendMicro IWSS on the same Box

A Solution for ISA 2004 SP1 + TrendMicro IWSS on the same Box (Full Version)

All Forums >> [ISA Server 2004 Misc.] >> 3rd Party Add-ons

Message

msillmann -> A Solution for ISA 2004 SP1 + TrendMicro IWSS on the same Box (18.Jul.2005 2:08:00 AM)
Since there are a couple of users how have (had) the same problem as me (running TrendMicro's InterScan WebSecurity Suite and ISA 2004 on the same box), I think it might be helpful for one to know one working solution. Scenario: ISA is listening on port 8082 for incoming web proxy requests. Each user has to authenticate against AD to get Internet access and enforce the rules to be applied. After a successful authentication, ISA forwards the requests to IWSS (port 8084), which retrieves the URL directly via a leased line. Small howto: 1) Configure ISA and IWSS to your needs. 2) Set up ISA to listen on port 8082 and IWSS on port 8084. 3) Create a rule that allows LocalHost to LocalHost traffic for all the protocols users may use, condition "All Users". 4) Create a rule that allows Internal to External traffic (choose correct protocols, users,...). 5) Remove the Web Proxy Filter from all (!) protocols you mentioned in the two rules. 6) Create a web chaining rule with the following properties: - Action: Redirect them to a specified upsteam server and set <localhost>:8084 for IWSS. Disable automated polling for configuration. - To: External - Bridging: HTTP requests as HTTP requests and SSL requests as HTTP requests. That's it. This works fine for me on several boxes, but: no warranty at all. :-) If you have any suggestions, problems or improvements, feel free to contact me. Kind regards, Maik.

charlie66 -> RE: A Solution for ISA 2004 SP1 + TrendMicro IWSS on the same Box (16.Aug.2005 4:09:00 PM)
Or: http://kb.trendmicro.com/solutions/search/main/search/solutionDetail.asp?solutionID=24451&q=&qp=productId%3A62%7C%7Cversion%3A%222.0+for+Windows%22&qt=+&qs=&r=1&c=24451&sort=0 As posted by Mario V. in an earlier thread.

hmukhtar -> RE: A Solution for ISA 2004 SP1 + TrendMicro IWSS on the same Box (18.Jun.2007 8:49:51 AM)
Hi Msillman, I have ISA and IWSS working in same machine , i configure it as you menstioned, every thing work fine except any https sites not workig , i get message : Network Access Message: The page cannot be displayed Technical Information (for Support personnel) Error Code: 502 Proxy Error. -2147471495(-2147471495) IP Address: 172.32.1.34 Date: 6/18/2007 12:44:20 PM Server: testsrv.emed.gov Source: proxy when i log ISA monitor i get this meesage Failed Connection Attempt Log type: Web Proxy (Forward) Status: 0x80002f79 Rule: Web Access Only Source: Internal ( 10.10.21.71:0) Destination: External ( 172.32.1.34:8888) Request: www.google.com:443 Filter information: Req ID: 0afc2009 Protocol: SSL-tunneli tried for days but failed .. I need your help , thanks ..

RAJP -> RE: A Solution for ISA 2004 SP1 + TrendMicro IWSS on the same Box (20.Jul.2007 3:23:06 PM)
quote: Destination: External ( 172.32.1.34:8888) Request: www.google.com:443 Where does port 8888 come into play? ISA only allows SSL over 443 unless you change it. The best way is to use Jim Harrison's site : http://isatools.org/tools.asp?Context=ISA2004 and use the ISA TRPE utility. It allows you to use SSL over ports other than 443. It does restart the firewal lservice when you apply yhe change, though. Ray

hmukhtar -> RE: A Solution for ISA 2004 SP1 + TrendMicro IWSS on the same Box (22.Jul.2007 2:04:33 AM)
Hi Ray, this port used for chain proxy ( IWSS 2.5) installed in the same box with ISA as mentined in the artical .. it's working fine for every thing except any HTTPS site.. thanks for reply Hassan

nathan -> RE: A Solution for ISA 2004 SP1 + TrendMicro IWSS on the same Box (20.Sep.2007 6:31:36 PM)
Hi Maik, I know this thread is a little old, but to get this working did you need to have the firewall client installed? It is just that you turn off the web proxy filter and if you set authentication on the rules the browsing fails. If I set the rule to All Users the browsing works. And what is the reason for a localhost to localhost rule? It looks to me that you don't need rules to access services on the firewall if you are already on the firewall. I used telnet as an example. Thanks Nathan

Page: [1]