Solved

HTTPS connection through ISA Server 2000

Posted on 2008-09-30
1
420 Views
Last Modified: 2008-10-01
Windows Server 2003 with ISA Server 2000 hosting an internal web site.The external IP address is 209.92.xxx.x44 for the firewall which NATs both port 80 and port 443 traffic to the external NIC of the ISA Server 192.168.0.3.  Then, the traffic (at least for port 80) goes to the internal side/NIC where the web site is hosted on a server at 192.168.1.77.  All is well and works for port 80, however, port 443 does show when i run netstat (the connection is shown in the display), but you can't browse to it.

This gets kind of confusing, so I will try and illustrate this problem as best as I can.

On the LAN when I browse to the IP address of the ISA server 192.168.0.3 it works on port 80, but not port 443.  Yet, when I browse by http://localhost or httpS://localhost or http://192.168.1.77 or httpS://192.168.1.77 everything works as expected.

So, the SSL certificate is working through port 443 connections when you browse by the IP address of the server itself and localhost but the SSL certificate is NOT working with the IP address of the ISA Server 2000 192.168.0.3.  What is really troublesome is that I KNOW port 80 works with the IP address of the ISA Server 2000 192.168.0.3 and I can see the port 443 traffic when I do a netsat on the web site hosting server 192.168.1.77, so although it looks like I can blame the fault on the ISA Server, I really can't because it looks like the port 80 and port 443 traffic is being handled properly by the ISA Server.over to the web site hosting server on the inside 192.168.1.77...... just the SSL certificate can't display when you access the hosted site by the IP address of the ISA Server 192.168.0.3 (browser returns the generic "Page can't be displayed" error).

To avoid the questions, yes the web hosting side is setup as it should be with the certificate and web site properties setup to listen for port 80 and port 443 on all IP addresses.  That is obvious because the SSL certificate is displayed when you go to the IP of the web site hosting server itself 192.168.1.77
0
Comment
Question by:FlurbSnarf
1 Comment
 

Accepted Solution

by:
FlurbSnarf earned 0 total points
Comment Utility
Looks like adding a "Server Publishing Rule" in ISA and subsequent restart resolved the issue, but not 100% certain that is what fixed it.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

What is an ISAPI filter?   •      It's an assembly (.dll file) that can add or change the way IIS works.   •      They can be enabled globally for your web server or on a site-by-site basis.   When the IIS server receives a request, enabling the ISAPI fi…
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now