Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2756
  • Last Modified:

isa 2006 - edit policy to allow https ports 8443 and 8445

We need to enable ports 8443 and 8445 on our ISA server. We can't see where to do this and because we have very basic knowledge are worried about making changes or using tools that might screw up our configuration. can anyone help.
0
citywesthomes
Asked:
citywesthomes
1 Solution
 
Raj-GTSystems EngineerCommented:
By default ISA Server will not allow Web Proxy connections using a non standard port. You will have to create a "Proxy Tunnel Port Range" to tell ISA server to allow web proxy traffic through this port. (By default Web Proxy filter will only allow 80 (HTTP), 443 (HTTPS) and 563 (NTP) throught the proxy filter)

You can create a new tunnel port range under
HKEY_LOCAL_MACHINE\IsaStg_Eff1Policy\WebProxy\Proxy-TunnelPortRanges

(just use the existing entries there as example; I am away from my ISA Server and I don't remember the exact syntax)

You can also use "ISA Server tunnel port tool" from isatools.org to create custom port ranges. Run the script from your ISA Server and follow the instructions to create the new port bindings. Once that is done, create a custom protocol with TCP 8080 outgoing and add it to your Allow Internet access rule.

A guide on using the tool can be found here - http://www.isaserver.org/articles/2004tunnelportrange.html

Thanks,
Raj
0
 
citywesthomesAuthor Commented:
This reinforced solutions we'd found in other places and has done  the trick, so thank you.
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now