• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

problem with allowing https traffic through

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> problem with allowing https traffic through Page: [1]
Login
Message << Older Topic   Newer Topic >>
problem with allowing https traffic through - 28.Dec.2009 6:23:01 PM   
KevinNNI

 

Posts: 8
Joined: 5.May2005
Status: offline
I have ISA 2004 SP3 on w2k3r2 and it is not allowing me to hit HTTPS websites even with rules in place to allow so. I can force it if i blanket everywhere access, but I want to restrict it to just a few sites

our setup explained, top to bottom in firewall policy:

1 Allow group of certain computer/hosts all users (all protocols)
2 Allow list of websites to all users (FTP,HTTP,HTTPS)
3 Allow Outbound traffic to all users (all protocols EXCEPT HTTP,HTTPS)
4 Allow Authenticated users outbound traffic (HTTP,HTTPS)

When i try to hit a HTTPS site, i get denied requests in the monitor. they show failing at rule #4. I have to change rule #2 to allow External to the list of "to" addresses for it to work. i really cant do that because that opens up every HTTPS to all users

server is 2 interface, internal and external. DNS is set on the internal interface only, pointing to internal DNS server.

it seems to me like the server just isnt resolving the domain to match against my list of allowed websites.

i also did setup the tunneling options

NNTP (single port): 563
SSL (single port): 443
SSL 10000 (single port): 10000
SSL 9443 (single port): 9443



any help would be appreciated.
Post #: 1
RE: problem with allowing https traffic through - 30.Dec.2009 12:07:42 PM   
hrsanchez

 

Posts: 146
Joined: 30.Nov.2007
From: Argentina
Status: offline
Hi Kevin,

Maybe this article could help you,
http://technet.microsoft.com/en-us/library/cc302664.aspx

regards,

_____________________________

Eng.Hector Sanchez
MCSE + Security 2000/2003
MCTS Isa 2004/Isa 2006

(in reply to KevinNNI)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> problem with allowing https traffic through Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts