Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

HTTPS connection through ISA Server 2000

Posted on 2008-09-30
1
Medium Priority
?
449 Views
Last Modified: 2008-10-01
Windows Server 2003 with ISA Server 2000 hosting an internal web site.The external IP address is 209.92.xxx.x44 for the firewall which NATs both port 80 and port 443 traffic to the external NIC of the ISA Server 192.168.0.3.  Then, the traffic (at least for port 80) goes to the internal side/NIC where the web site is hosted on a server at 192.168.1.77.  All is well and works for port 80, however, port 443 does show when i run netstat (the connection is shown in the display), but you can't browse to it.

This gets kind of confusing, so I will try and illustrate this problem as best as I can.

On the LAN when I browse to the IP address of the ISA server 192.168.0.3 it works on port 80, but not port 443.  Yet, when I browse by http://localhost or httpS://localhost or http://192.168.1.77 or httpS://192.168.1.77 everything works as expected.

So, the SSL certificate is working through port 443 connections when you browse by the IP address of the server itself and localhost but the SSL certificate is NOT working with the IP address of the ISA Server 2000 192.168.0.3.  What is really troublesome is that I KNOW port 80 works with the IP address of the ISA Server 2000 192.168.0.3 and I can see the port 443 traffic when I do a netsat on the web site hosting server 192.168.1.77, so although it looks like I can blame the fault on the ISA Server, I really can't because it looks like the port 80 and port 443 traffic is being handled properly by the ISA Server.over to the web site hosting server on the inside 192.168.1.77...... just the SSL certificate can't display when you access the hosted site by the IP address of the ISA Server 192.168.0.3 (browser returns the generic "Page can't be displayed" error).

To avoid the questions, yes the web hosting side is setup as it should be with the certificate and web site properties setup to listen for port 80 and port 443 on all IP addresses.  That is obvious because the SSL certificate is displayed when you go to the IP of the web site hosting server itself 192.168.1.77
0
Comment
Question by:FlurbSnarf
1 Comment
 

Accepted Solution

by:
FlurbSnarf earned 0 total points
ID: 22614366
Looks like adding a "Server Publishing Rule" in ISA and subsequent restart resolved the issue, but not 100% certain that is what fixed it.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What is an ISAPI filter?   •      It's an assembly (.dll file) that can add or change the way IIS works.   •      They can be enabled globally for your web server or on a site-by-site basis.   When the IIS server receives a request, enabling the ISAPI fi…
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
Kernel Data Recovery is a renowned Data Recovery solution provider which offers wide range of softwares for both enterprise and home users with its cost-effective solutions. Let's have a quick overview of the journey and data recovery tools range he…

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question