• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 877
  • Last Modified:

ISA server 2004 and SurfControl Reports

I am having trouble making SurfControl Reporting work.  When I attempt to access my SurfControl Reports, I receive the following error message.

Network Access Message: The page cannot be displayed
 
Technical Information (for Support personnel)
Error Code: 502 Proxy Error. The specified Secure Sockets Layer (SSL) port is not allowed. ISA Server is not configured to allow SSL requests from this port. Most Web browsers use port 443 for SSL requests. (12204)
IP Address: 10.0.0.1
Date: 3/28/2006 8:11:51 PM <LI
 
Can anyone assist me in resolving this problem?

Thanks

Cliff
0
crp0499
Asked:
crp0499
  • 6
  • 5
  • 3
1 Solution
 
IPKON_NetworksCommented:
Obvious question. Have you set up a rule to allow IP traffic on port 443 from your SurfControl server to the ISA server? If it is the same box, then this will still need a rule as SurfControl is a web based application. It also uses port 3910 so you may need to open this up as well.

If you are able, can you open any to any and see if that works, then re-enable your rules until it stops?

Is there a log reference showing which rule rejected the traffic (I expect it to be your catch all block any any).

Hope this helps
Barny
0
 
crp0499Author Commented:
MY ISA and SurfControl server are one in the same.  I'm thinking I need an internal to internal connection, right?
0
 
Keith AlabasterCommented:
Are you connecting to the surfcontrol on the external ip address or the internal ip address of ISA?
Isa only supports ssl on port 443 'out-of-the-box' It will not use other ssl port numbers (there is a script to run if you want to do that)

If you connect to the internal ISA ip and the port number does it work then?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
crp0499Author Commented:
I haven't gotten that far yet.  I just found out that my default web site was stopped and would not start.  I've gotten that taken care of, now I'm reinstalling the reporting tool.
0
 
IPKON_NetworksCommented:
Yep. I would say so. Your SurfControl will be using Web access to get present the application and so will go straight to ISA for its rules.

Set up a rule for SC that has port groups of 443 and 3910. I believe this is enough as I can't find anything else that it uses.

Barny
0
 
Keith AlabasterCommented:
There should be no rules involved as the surfcontrol and the ISA are installed (I assume) on the same server.
0
 
crp0499Author Commented:
Yes, on same server.  So you're saying if SC is installed in the ISA, then there should be no rules required?
0
 
Keith AlabasterCommented:
Correct as the rule would to allow local host to talk to local host.

i assume you have the standard rule that lets local host and internal talk to each other anyway.. As mentioned above, the 'funnies' start when you try to specifically call the external interface of the ISA using https for a port other than 443.

regards
keith
0
 
crp0499Author Commented:
At this point, when I logged into the server, the default web site was stopped.  It would not start on port 80 as that file was in use by another process.  So, I changed the port on the default web site to 8081 and it started.  I assumed reporting would fail so long as the default web site was not running anyway, so I'd better solve that problem first.

Now, with the default web site up and running, I have moved to the problem of the reporting.  During my previous efforts, I uninstalled IIS and reinstalled it.  That trashed my subfolders that were established for reporting so I plan now to reinstall the reporting tool and go from there.  I also plan on leaving SSL on 443 and not jacking with it.

How's my plan sound?
0
 
Keith AlabasterCommented:
I'm a great believer in keeping it simple. Sounds good to me.
0
 
IPKON_NetworksCommented:
Keith, you are right about the local host. It's been a long day and I'm missing the bleeding obvious !!!!

Barny
0
 
Keith AlabasterCommented:
Don't beat up on it :)  (wait till after he/she has it working lol).Its nearly 1AM here and I am out on my feet so going to bed.


0
 
crp0499Author Commented:
Well, it works.  Report manager has to be installed on a seperate server from ISA/Surf Control.  We installed it on a diff server running IIS and it works great!

It took two hours on the phone with Surf Control to figure it out.  Their support is free and they did a WEB Ex session and did all the work.

0
 
Keith AlabasterCommented:
Glad to hear it. Good for Surf Control tech support.



0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 6
  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now