Solved

error when logging to ssl port other than 443

Posted on 2008-10-09
9
995 Views
Last Modified: 2012-05-05
Hi, I have a problem for a client that has to connect to a secure website on a port 8443.
I ran isa_tpr.js as I read in other request and configured the two port requested, 8443 e 9000. when I try to connect to the website from the server it works fine, but if i try to connect from the client it doesn't work. so the error is a rule that miss and I don't know what for a kind of rule I have to do. the client can go in internet on normal web page. it has a proxy configured that is the sbs 2003 with isa 2004
0
Comment
Question by:Riccardo71
  • 4
  • 4
9 Comments
 
LVL 6

Expert Comment

by:Hardeep_Saluja
ID: 22683462
Hi Riccardo,

Whatis the exact error?
0
 

Author Comment

by:Riccardo71
ID: 22684673
The error is always the same
error code 502 proxy error. the specyfied secure socket layer (ssl) port is not allowed. isa server is not configured to allow ssl request from this port. most web browser use port 443 for ssl request.(12204)
but when I try from the server it opens the web site correctly
0
 

Accepted Solution

by:
Intrepidfox25 earned 400 total points
ID: 22738987
Hi you need to add this port to ISA's range see http://support.microsoft.com/kb/283284 copy the VB script syntax and where is has the 'AddRange("SSL 9443", 9443, 9443)' you just replace the 9443 entries with 8443,

Hope this helps
0
 

Author Comment

by:Riccardo71
ID: 22794019
Hi, I've read the article that it explains only of the server configuration but nothing is said about specifical configuration for the client. I've done it and the server can navigate in the ssl page.but the client is blocked. the client can navigate in http pages but when I try the ssl page with port 8443. I'm blocked with the usual message. I've tried in a test virtual environment. I will try by the customer and perhaps It will function. bye
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 

Expert Comment

by:Intrepidfox25
ID: 22794133
Hi I would expect the server to be able to navigate as it wont be going throught the web proxy service it would have a direct connection out to the internet? Give it a go let us know how you get on.
0
 

Author Comment

by:Riccardo71
ID: 22794398
I think You have understood the problem. infact the server has non proxy, instead the client has the proxy configuration and so has to be. so, what type of rule have I to do to let navigate the client?
thanks in advance
0
 

Expert Comment

by:Intrepidfox25
ID: 22794588
It is not a rule that is blocking this as such as the client can connect to http and i assume standard https sites, the problem is ISA will only connect to https sites on standard 443 so if you have a non standard SSL port like 8443 you need to add it to ISA's range of ports which you do by running the script in the KB article above.
0
 

Expert Comment

by:Intrepidfox25
ID: 22794822
Just to confirm you must run this on the ISA server itself not the client machine.
0
 

Author Comment

by:Riccardo71
ID: 22797155
ok. The first time I've tried, I used a script called isa_tpr.js, which I found mentioned in this website. It has functioned only for the server, I don't know why. Perhaps My test environment had some problems. Know I've tried with the method of the article 283284 and it runs fine. I will try to the customer and I will come back to confirm. hi
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

The SBS 2011 release date (RTM) is supposed to be around Christmas, 2011.  This article is a compilation of my notes -- things I have learned first hand.  The items are in a rather random order, but I think this list covers most of what is new and d…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now