Solved

ISA SERVER 2006

Posted on 2011-09-02
8
200 Views
Last Modified: 2012-05-12
We have an external https url to access, but it need a smart card authentication. I just test this with user without proxy and it´s work well.
I when i try with user that have proxy i receive a failed connection Agent
Error when i monitore by isa the pc
IP->0->SSL-Tunnel->failed Connection Agent-> anonimous
0
Comment
Question by:godinhadas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 10

Expert Comment

by:simonlimon
ID: 36480137
So you are accessing an external site, not on your network through a proxy server?

Are you using HTTPS inspection with the TMG or are you using ISA 2006?
0
 

Author Comment

by:godinhadas
ID: 36482703
I am access an external site. this site is important for us to access and we are using  Https inspection with isa 2006
0
 
LVL 10

Expert Comment

by:simonlimon
ID: 36482721
My first suggestion would be to exclude this site from HTTPS inspection.

I would say that HTTPS inspection with client certificates should not work.
0
Office 365 Training for IT Pros

Learn how to provision Office 365 tenants, synchronize your on-premise Active Directory, and implement Single Sign-On.

 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36482764
adding to that, ISA does not have https capability. only TMG.

as a workaround you can add it as exception on IE proxy exception list.
0
 

Author Comment

by:godinhadas
ID: 36483138
I just try to create a exception but when we try to open the site look for certificate and smart card and doesnt open
0
 
LVL 29

Accepted Solution

by:
pwindell earned 500 total points
ID: 36489061
Smart Card Auth to "what"?  The Site or the Proxy?  You don't get both.  They are two entirely different things.

If the Site is what the Smart Card is for, then it is only going to authenticate to the site,...not the proxy,...you will have to authenticate to the proxy separately.   If you can come up with a way to do that then the proxy will have to be used anonymously for that particular site.
0
 
LVL 6

Expert Comment

by:infoplateform
ID: 36494449
can u share rule with us
0
 

Author Closing Comment

by:godinhadas
ID: 37213109
wqe solve the problem
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Read this checklist to learn more about the 15 things you should never include in an email signature.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question