Solved

ISA Server 2004 Connections

Posted on 2009-07-14
9
745 Views
Last Modified: 2012-05-07
Hello, I'm using ISA Server 2004 with all the services pack. Until now the server is running ok, but now, there are a couple of users that need to access  a specific supplier website that runs some .js components. When that components try to access the internet I have 2 types of error in ISA Logging :
First i have this message " non-SYN packet was dropped because it was sent by a source that does not have an established connection with the ISA Server computer."
Second i have this one "10053 An established connection was aborted by the software in your host machine. "

After this messages the users get stuck in the website. They really need to work on this website and I don't know what I can do to solve this problem. I cannot disable webproxy like I already saw in some forum. I have a webfiltering tool that depends on Authentication specified on webproxy tab.

Wait for some reply, thanks in advance. Sorry about my english it's not my native language.
0
Comment
Question by:toxicrain
  • 5
  • 4
9 Comments
 
LVL 29

Expert Comment

by:pwindell
ID: 24852626
You have to run the Clients with the Firewall Client Software installed.
Many Web Applications will not authenticate with the Web Proxy Service due to bad design of the Applications.  So the Firewall Service must be used for them instead.
The JRE (applet  found in the Windows Control Panel) has to be set to use a Direct Connection.  The JRE must "believe" that there is no proxy.  This causes the JRE to not try to authenticate (and hence fail),...which then allows the Firewall Client Software to cover the Authentication.
0
 

Author Comment

by:toxicrain
ID: 24857003
First of all thanks for the fast reply. You speak about "The JRE (applet  found in the Windows Control Panel)", I can't locate this Icon. Are you refering to what in specific? Thanks in advance pwindell.
0
 
LVL 29

Expert Comment

by:pwindell
ID: 24858966
You said the Site used Java componenets,...Java Applets require the Java Runtime environment (JRE),...when the JRE is installed there is created a "Java" icon in Windows Control Panel.  The JRE needs to be configured as I said.  You actually said .js componenets, but  there is no such thing as .js components
There is a such things as Java Componenets which require the JRE,... and there is a such thing as ActiveX Controls which aren't part of this conversation,...but those are what components are.   Java and JavaScript are not the same thing.   JavaScript is nothing more than Client-Side Script and does the same thing as VBScript,...all they do is feed instructions to the browser and the browser (not a componenet) does the action.  Client-Side Script can also effect Java Applets (componenets) behavor, however the key to them still comes down to the JRE that it runs "inside of".  Client-Side Script can effect ActiveX Components but those are not in the context of this conversation.
0
 

Author Comment

by:toxicrain
ID: 24860815
Hello pwindell. I already saw the component in control panel that you refer in one of your last post and it works. Now I can change Java Network options. But now I have another problem. I was making some test and I saw that every profile has is own options. This is a problem because the specific user that is trying to access the site doesn't have permitions to access control panel. There is any way to change this options in some registry key or some configuration file located in some folder?
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 29

Expert Comment

by:pwindell
ID: 24860881
That is a really irritating over-sight on the part of Sun that created the JRE.  I know of know way around that other than temporarily giving the user access to Control Panel.  You'll have to complain to Sun about the fact that they don't give you a way to globally adjust the JRE,...but I doubt they are known for listening to anyone.
If you find a way (from Sun?), or if anyone else knows a way,..I would be interested in hearing it
0
 
LVL 29

Accepted Solution

by:
pwindell earned 50 total points
ID: 24860951
I did thing of a couple things....
Now the JRE may have an icon down by the Clock that opens the JRE Panel.
You also can go into the "bin" program folder of the JRE (ex.  C:\Program Files\Java\jre1.6.0_01\bin) and run the "javacpl.exe" file and get the same config dialog.  So if the user can get to they they would be alright.
0
 

Author Comment

by:toxicrain
ID: 24861437
Thanks a lot pwindell, your solution works ;). Thanks for all your help.
0
 

Author Closing Comment

by:toxicrain
ID: 31603357
The solutions presented by this user solved the problem.
0
 
LVL 29

Expert Comment

by:pwindell
ID: 24861501
Very good sir!
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
TMG 2010 with OWA - HTTP Attacks 3 460
Public Name tab under TMG Firewall Policy 2 797
Exchange 2010 OWA 403 error 7 716
isa 2006 2 553
ISA Server detected routes through the network adapter LAN that do not correlate with the network to which this network adapter belongs What does this mean and how can one go about correcting it? In simple terms, this error message indicates t…
So the following errors occurs in 2 ways that I am aware of at this stage, and you receive one of the following error messages: ERROR 1. When trying to save a rule: No Web listener is specified for the Web publishing rule Autodiscovery Publishin…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now