[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

ISA SERVER 2006

Posted on 2011-09-02
8
Medium Priority
?
207 Views
Last Modified: 2012-05-12
We have an external https url to access, but it need a smart card authentication. I just test this with user without proxy and it´s work well.
I when i try with user that have proxy i receive a failed connection Agent
Error when i monitore by isa the pc
IP->0->SSL-Tunnel->failed Connection Agent-> anonimous
0
Comment
Question by:godinhadas
8 Comments
 
LVL 10

Expert Comment

by:simonlimon
ID: 36480137
So you are accessing an external site, not on your network through a proxy server?

Are you using HTTPS inspection with the TMG or are you using ISA 2006?
0
 

Author Comment

by:godinhadas
ID: 36482703
I am access an external site. this site is important for us to access and we are using  Https inspection with isa 2006
0
 
LVL 10

Expert Comment

by:simonlimon
ID: 36482721
My first suggestion would be to exclude this site from HTTPS inspection.

I would say that HTTPS inspection with client certificates should not work.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36482764
adding to that, ISA does not have https capability. only TMG.

as a workaround you can add it as exception on IE proxy exception list.
0
 

Author Comment

by:godinhadas
ID: 36483138
I just try to create a exception but when we try to open the site look for certificate and smart card and doesnt open
0
 
LVL 29

Accepted Solution

by:
pwindell earned 1500 total points
ID: 36489061
Smart Card Auth to "what"?  The Site or the Proxy?  You don't get both.  They are two entirely different things.

If the Site is what the Smart Card is for, then it is only going to authenticate to the site,...not the proxy,...you will have to authenticate to the proxy separately.   If you can come up with a way to do that then the proxy will have to be used anonymously for that particular site.
0
 
LVL 6

Expert Comment

by:infoplateform
ID: 36494449
can u share rule with us
0
 

Author Closing Comment

by:godinhadas
ID: 37213109
wqe solve the problem
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
Stellar Exchange Toolkit: this 5 in 1 toolkit comes loaded with mega-software tool. Here’s an introduction to tools’ usage and advantages:
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question