Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Port 8080 Denied Connection

Posted on 2008-10-14
11
Medium Priority
?
1,190 Views
Last Modified: 2012-05-05
I just installed ISA 2006 on a client's network. Everything seems to be working fine but when I look at the logs, I'm seeing that for every connection to the internet, ISA first sends a request to the web server over port 8080, which gets denied, and then over port 80, which gets accepted. Is this normal? If it is normal, why does it do that? If it is not normal, what do I do to fix this?
0
Comment
Question by:victornegri
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
11 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 22713566
open the ISA gui
select configuration - networks - internal - web proxy
what port have you set. 80 or 8080?
0
 
LVL 10

Author Comment

by:victornegri
ID: 22713588
8080
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 22713616
OK so its at the default.

Is ISA a domain member or a standalone box>
What authentication have you placed on the outbound rules?
0
Fill in the form and get your FREE NFR key NOW!

Veeam® is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

 
LVL 10

Author Comment

by:victornegri
ID: 22713671
Yeah, it's at the default 8080 (which is what we had the old ISA2000 box set to.

The computer is a domain member and I have Integrated Authentication on the outbound rules.
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 22713701
Just as a test, can you remove the authenticated users and replace with all users?

Sounds like the web proxy service is attempting connecting as anonymous - which is fine - realising it requires authentication so requests the credentials from the client - then remakes the attempt correctly. Nothing actually to worry about though.

I assume you are not running the ISA fwc?
0
 
LVL 10

Author Comment

by:victornegri
ID: 22713773
We are running the ISA FWC... some computers have the old version (the one that came with ISA2k) and some have the latest version.

We have many rules set up on ISA. Most users are not allowed to connect to the internet. Some are only allowed to connect to certain sites. A few are allowed to connect to anything they want. We have rules set up that limit a user to certain sites based on their group membership... so to answer your question, some rules apply to "All Users" while others apply to specific domain groups. None have "Authenticated Users".

So I can just filter out the 8080 requests in the log monitor? I just want to make sure we're not going to be showing up on firewall logs as attempting some hack attempt over 8080 on the websites my users are trying to access.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 22713845
No, I would suggest that if you review the log, the call is made from internal (on 8080) to localhost rather than internal to external - can you confirm?
0
 
LVL 10

Author Comment

by:victornegri
ID: 22713954
You're right. They all seem to be from internal to localhost. I could have sworn that I saw some from localhost to external but I guess I just read it incorrectly.

So I can ignore it?
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 22713966
yes - your clear :)
0
 
LVL 10

Author Comment

by:victornegri
ID: 22713976
Thanks.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 22713988
Welcome :)

Keith
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
Prologue It is often required to host multiple websites on a single instance of IIS, mostly in development environments instead of on production servers. I am sure it is not much a preferred solution on production servers but this is at least a pos…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question