Solved

ISA Server 2004 Connections

Posted on 2009-07-14
9
758 Views
Last Modified: 2012-05-07
Hello, I'm using ISA Server 2004 with all the services pack. Until now the server is running ok, but now, there are a couple of users that need to access  a specific supplier website that runs some .js components. When that components try to access the internet I have 2 types of error in ISA Logging :
First i have this message " non-SYN packet was dropped because it was sent by a source that does not have an established connection with the ISA Server computer."
Second i have this one "10053 An established connection was aborted by the software in your host machine. "

After this messages the users get stuck in the website. They really need to work on this website and I don't know what I can do to solve this problem. I cannot disable webproxy like I already saw in some forum. I have a webfiltering tool that depends on Authentication specified on webproxy tab.

Wait for some reply, thanks in advance. Sorry about my english it's not my native language.
0
Comment
Question by:toxicrain
  • 5
  • 4
9 Comments
 
LVL 29

Expert Comment

by:pwindell
ID: 24852626
You have to run the Clients with the Firewall Client Software installed.
Many Web Applications will not authenticate with the Web Proxy Service due to bad design of the Applications.  So the Firewall Service must be used for them instead.
The JRE (applet  found in the Windows Control Panel) has to be set to use a Direct Connection.  The JRE must "believe" that there is no proxy.  This causes the JRE to not try to authenticate (and hence fail),...which then allows the Firewall Client Software to cover the Authentication.
0
 

Author Comment

by:toxicrain
ID: 24857003
First of all thanks for the fast reply. You speak about "The JRE (applet  found in the Windows Control Panel)", I can't locate this Icon. Are you refering to what in specific? Thanks in advance pwindell.
0
 
LVL 29

Expert Comment

by:pwindell
ID: 24858966
You said the Site used Java componenets,...Java Applets require the Java Runtime environment (JRE),...when the JRE is installed there is created a "Java" icon in Windows Control Panel.  The JRE needs to be configured as I said.  You actually said .js componenets, but  there is no such thing as .js components
There is a such things as Java Componenets which require the JRE,... and there is a such thing as ActiveX Controls which aren't part of this conversation,...but those are what components are.   Java and JavaScript are not the same thing.   JavaScript is nothing more than Client-Side Script and does the same thing as VBScript,...all they do is feed instructions to the browser and the browser (not a componenet) does the action.  Client-Side Script can also effect Java Applets (componenets) behavor, however the key to them still comes down to the JRE that it runs "inside of".  Client-Side Script can effect ActiveX Components but those are not in the context of this conversation.
0
 

Author Comment

by:toxicrain
ID: 24860815
Hello pwindell. I already saw the component in control panel that you refer in one of your last post and it works. Now I can change Java Network options. But now I have another problem. I was making some test and I saw that every profile has is own options. This is a problem because the specific user that is trying to access the site doesn't have permitions to access control panel. There is any way to change this options in some registry key or some configuration file located in some folder?
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 29

Expert Comment

by:pwindell
ID: 24860881
That is a really irritating over-sight on the part of Sun that created the JRE.  I know of know way around that other than temporarily giving the user access to Control Panel.  You'll have to complain to Sun about the fact that they don't give you a way to globally adjust the JRE,...but I doubt they are known for listening to anyone.
If you find a way (from Sun?), or if anyone else knows a way,..I would be interested in hearing it
0
 
LVL 29

Accepted Solution

by:
pwindell earned 50 total points
ID: 24860951
I did thing of a couple things....
Now the JRE may have an icon down by the Clock that opens the JRE Panel.
You also can go into the "bin" program folder of the JRE (ex.  C:\Program Files\Java\jre1.6.0_01\bin) and run the "javacpl.exe" file and get the same config dialog.  So if the user can get to they they would be alright.
0
 

Author Comment

by:toxicrain
ID: 24861437
Thanks a lot pwindell, your solution works ;). Thanks for all your help.
0
 

Author Closing Comment

by:toxicrain
ID: 31603357
The solutions presented by this user solved the problem.
0
 
LVL 29

Expert Comment

by:pwindell
ID: 24861501
Very good sir!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
isa 2006 slowness 17 157
SFTP Behind ISA 2000 22 562
TMG Network Access Message: The page cannot be displayed 9 2,852
RDP access via TMG 11 516
In all versions of ISA Server and the current version of FTMG, the default https protocol uses TCP port 443 and 563 only. This cannot be changed within the ISA or FTMG GUI and must be completed from a Windows cmd prompt on the ISA Server itself. …
So the following errors occurs in 2 ways that I am aware of at this stage, and you receive one of the following error messages: ERROR 1. When trying to save a rule: No Web listener is specified for the Web publishing rule Autodiscovery Publishin…
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now