Solved

ISA SERVER 2006

Posted on 2011-09-02
8
199 Views
Last Modified: 2012-05-12
We have an external https url to access, but it need a smart card authentication. I just test this with user without proxy and it´s work well.
I when i try with user that have proxy i receive a failed connection Agent
Error when i monitore by isa the pc
IP->0->SSL-Tunnel->failed Connection Agent-> anonimous
0
Comment
Question by:godinhadas
8 Comments
 
LVL 10

Expert Comment

by:simonlimon
ID: 36480137
So you are accessing an external site, not on your network through a proxy server?

Are you using HTTPS inspection with the TMG or are you using ISA 2006?
0
 

Author Comment

by:godinhadas
ID: 36482703
I am access an external site. this site is important for us to access and we are using  Https inspection with isa 2006
0
 
LVL 10

Expert Comment

by:simonlimon
ID: 36482721
My first suggestion would be to exclude this site from HTTPS inspection.

I would say that HTTPS inspection with client certificates should not work.
0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36482764
adding to that, ISA does not have https capability. only TMG.

as a workaround you can add it as exception on IE proxy exception list.
0
 

Author Comment

by:godinhadas
ID: 36483138
I just try to create a exception but when we try to open the site look for certificate and smart card and doesnt open
0
 
LVL 29

Accepted Solution

by:
pwindell earned 500 total points
ID: 36489061
Smart Card Auth to "what"?  The Site or the Proxy?  You don't get both.  They are two entirely different things.

If the Site is what the Smart Card is for, then it is only going to authenticate to the site,...not the proxy,...you will have to authenticate to the proxy separately.   If you can come up with a way to do that then the proxy will have to be used anonymously for that particular site.
0
 
LVL 6

Expert Comment

by:infoplateform
ID: 36494449
can u share rule with us
0
 

Author Closing Comment

by:godinhadas
ID: 37213109
wqe solve the problem
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question