isa 2000 https port access
Dear Experts,
My hosting provider has just made some changes for web administration.
As a result, they send me a new URL address to login and administer my domain.
The URL address is something like this:
HTTPS://www.mydomain.com:8443
When I've tried to use it, I've received a white page.
Support personnel tall me that I had to open port 8443 and that was when the trouble started.
I have a LAN configurated with SBS 2000. So there's a Windows 2000 Server and an ISA 2000 Server installed and functioning in a same machine.
Surfing on the web, I've found some solutions to open a new port on ISA 2000 but it didn't work.
I'll be very thankful with your help.
Best regards
Macastri
My hosting provider has just made some changes for web administration.
As a result, they send me a new URL address to login and administer my domain.
The URL address is something like this:
HTTPS://www.mydomain.com:8443
When I've tried to use it, I've received a white page.
Support personnel tall me that I had to open port 8443 and that was when the trouble started.
I have a LAN configurated with SBS 2000. So there's a Windows 2000 Server and an ISA 2000 Server installed and functioning in a same machine.
Surfing on the web, I've found some solutions to open a new port on ISA 2000 but it didn't work.
I'll be very thankful with your help.
Best regards
Macastri
ASKER
Thanks very much for your answer srikrishnak,
Perhaps I wasn't so clear when I wrote my question, I'm really sorry.
After apply the solution founded on the web, I couldn't open port 8443.
For a better understanding I'm describing to you which was the suggested solution:
In ISA Management Console:
1. Expand Servers and Arrays
2. Expand <ServerName>
3. Expand Access Policy
4. Select IP Packet Filters
5. Click "Create a Packet Filter" in the right pane.
In the wizard:
1. Enter a name (Allow 8443 - for example). Next.
2. Leave the default for "All ISA Server computers in the array. Next.
3. Leave "Allow packet transmission. Next.
4. On Filter Type screen select radio button for custom. Next.
5. On Filter Settings screen Select TCP or UDP depending upon your needs in the IP protocol.
6. Select Both for Direction unless you only want this port open one way.
7. Local port: select fixed and put in 8443 for the port number.
8. Remote port: Fixed port, 8443 for port number. Next.
9. On Local Computer screen you can leave the default "Default IP address..." or else select "This ISA server's external IP address" and enter the external IP address. Next.
10. On remote computers leave the default of "All remote computers" unless you only want to allow a specific remote computer to connect on this port. Next.
11. Finish.
After all of that, I've restated the ISA server.
I've tried to open HTTPS://www.mydomain.com:8443, but the result was again a blank page.
Doing a telnet to www.mydomain.com 8443 there wasn’t any response.
Perhaps I wasn't so clear when I wrote my question, I'm really sorry.
After apply the solution founded on the web, I couldn't open port 8443.
For a better understanding I'm describing to you which was the suggested solution:
In ISA Management Console:
1. Expand Servers and Arrays
2. Expand <ServerName>
3. Expand Access Policy
4. Select IP Packet Filters
5. Click "Create a Packet Filter" in the right pane.
In the wizard:
1. Enter a name (Allow 8443 - for example). Next.
2. Leave the default for "All ISA Server computers in the array. Next.
3. Leave "Allow packet transmission. Next.
4. On Filter Type screen select radio button for custom. Next.
5. On Filter Settings screen Select TCP or UDP depending upon your needs in the IP protocol.
6. Select Both for Direction unless you only want this port open one way.
7. Local port: select fixed and put in 8443 for the port number.
8. Remote port: Fixed port, 8443 for port number. Next.
9. On Local Computer screen you can leave the default "Default IP address..." or else select "This ISA server's external IP address" and enter the external IP address. Next.
10. On remote computers leave the default of "All remote computers" unless you only want to allow a specific remote computer to connect on this port. Next.
11. Finish.
After all of that, I've restated the ISA server.
I've tried to open HTTPS://www.mydomain.com:8443, but the result was again a blank page.
Doing a telnet to www.mydomain.com 8443 there wasn’t any response.
Hmm..Sorry for that...Anyways no probs...
Okie..A blank page in the sence do you see any message like HTTP 404 or 500 or 403 error..Or just a "BLANK" page..
On the other hand when you do telnet to the port 8443 did you happen to see any thing on the screen or its just "connection timed out"...I am asking these because i dont see any problem if you opened the port and sure there is no communication issue....Sometimes if there is no default page setted on the remote side you may not be able to see anything...
If your telnet is just a blank try to type something...if you get a responce or something like "invalid http request" then you are connected...Otherwise need to check some X factors...
:)
Okie..A blank page in the sence do you see any message like HTTP 404 or 500 or 403 error..Or just a "BLANK" page..
On the other hand when you do telnet to the port 8443 did you happen to see any thing on the screen or its just "connection timed out"...I am asking these because i dont see any problem if you opened the port and sure there is no communication issue....Sometimes if there is no default page setted on the remote side you may not be able to see anything...
If your telnet is just a blank try to type something...if you get a responce or something like "invalid http request" then you are connected...Otherwise need to check some X factors...
:)
ASKER
OK srikrishnak no probs...
1) I don't see any message only just a "blank" page.
2) I'm not sure if after creation a packet filter the port was opened.
First of all I need to say you that I'm not an ISA 2000 expert so this situation it's a little traumatic for me. Please be patience.
Doing a telnet to www.mydomain.com 8443 I’ve received this message:
"Connecting to www.... could not open a connection to host on port 8443: Connect failed."
Just like a probe, I did a telnet to www.mydomain.com 110
The port has been opened
.
1) I don't see any message only just a "blank" page.
2) I'm not sure if after creation a packet filter the port was opened.
First of all I need to say you that I'm not an ISA 2000 expert so this situation it's a little traumatic for me. Please be patience.
Doing a telnet to www.mydomain.com 8443 I’ve received this message:
"Connecting to www.... could not open a connection to host on port 8443: Connect failed."
Just like a probe, I did a telnet to www.mydomain.com 110
The port has been opened
.
Hmm...If you are able to connect on 110 then the connectivity problem can be barred...Seems more like the Firewall blocking port 8443. Probably you may want to confirm the settings on ur FW...
ASKER
Settings in my ISA 2000 FW are just by default.
I really don't know how to manage or change any setting on it.
SBS 2000 require 2 NIC's and there was only one choice to do during installation: "To confirm which is the external NIC"
Which setting should I look in to the FW to confirm you and please tell me how to do it?
I really don't know how to manage or change any setting on it.
SBS 2000 require 2 NIC's and there was only one choice to do during installation: "To confirm which is the external NIC"
Which setting should I look in to the FW to confirm you and please tell me how to do it?
ASKER
I'm really sorry srikrishnak.
I need to say you that I've the solution for this question.
It was so simple...
I don't understand a lot what this tool do because I'm not an expert in ISA Server.
It works very well and it wasn't a head ache.
The URL is: http://www.isaserver.org/articles/2004tunnelportrange.html
Now I have a dude for the future.
The port 8443 that I've just opened is it always opened? What about security? How can I shut it again?
Thanks very much for your effort.
Best regards
macastri
I need to say you that I've the solution for this question.
It was so simple...
I don't understand a lot what this tool do because I'm not an expert in ISA Server.
It works very well and it wasn't a head ache.
The URL is: http://www.isaserver.org/articles/2004tunnelportrange.html
Now I have a dude for the future.
The port 8443 that I've just opened is it always opened? What about security? How can I shut it again?
Thanks very much for your effort.
Best regards
macastri
He ..Thats grt....No need to be sorry..:) If you got the solution yourself that means its very good for you....See,That you have realized that you can do it without any ones help..(I remember you saying you are not very sure how to change the settings etc)...Now I can sence your confidence...:) Have a great going buddy..and as you have got the answer yourself i guess you can rqeuest for your point return in community area....
My best wishes to you...
My best wishes to you...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If you are confident that you've opened the port already then the only thing is call the support personnel n tell them the error...