• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

SSL Server Publishing Fails

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 General] >> Server Publishing >> SSL Server Publishing Fails Page: [1]
Login
Message << Older Topic   Newer Topic >>
SSL Server Publishing Fails - 8.May2002 7:43:00 AM   
tymbow

 

Posts: 9
Joined: 15.Mar.2002
Status: offline
We have a situation where we are unable to publish an SSL
server on our internal network. Details as follows:

- ISA Server is on a different box to IIS
- ISA Server SP1 is applied
- HTTP publishing is working
- SSL access to the web server works when not going
through ISA (ie: SSL on the IIS box is fine)
- Netstat shows ISA is listening on port 443
- Packet filters show ALLOW logs whenever an attempt to
access an SSL site is made
- IIS logs always show port 80 requests, but SSL requests
are never passed from ISA to IIS

We have checked that SSL Web publishing is disabled as we
are using a Server Publishing Rule to publish SSL.

So in a nutshell, SSL requests make it to ISA which then
does nothing with them, but HTTP requests are passed
through okay.

Thoughts appreciated.
Post #: 1
RE: SSL Server Publishing Fails - 8.May2002 2:12:00 PM   
MrR

 

Posts: 15
Joined: 7.May2002
Status: offline
Hi tymbow

The first thing that I'd check is whether you can connect to your web server from a client on the internal network using an HTTPS request to confirm that SSL is functioning. If not, ISA may not be your problem and I'd start thinking about the IIS box.

Second thing is to ensure you have all the bases covered according to

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q298900

The next thing you could think about is a network trace:

1. Install Network Monitor on the IIS box and the ISA box.

2. Make sure that you've got it configured to listen to the correct network interface (Capture menu -> Networks -> select the correct MAC address) and start a trace.

3. Hit the ISA Server with an SSL request from an external client and wait for the request to fail in the browser.

4. Stop the trace on the ISA box and the IIS box.

5. Examine the network traffic.

This will be a little difficult because the request will be encrypted but if you filter the trace so that it only displays traffic between the two servers, you should be able to see if there are requests sent from the ISA box to the IIS box destined for port 443.

This will at least tell you whether ISA is passing the request or not and whether IIS is responding if the packet gets there.

Your last option is to use Web Publishing ... refer to:

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q292569

Hope that helps

MrR

(in reply to tymbow)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 General] >> Server Publishing >> SSL Server Publishing Fails Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts