Solved

How Publish HTTPS Website under ISA 2006

Posted on 2011-10-01
10
578 Views
Last Modified: 2012-05-12
Hi Dear , i have PRTG Server on my Local Lan .

Now i want publish it under internet . i configure every thing like DNS and etc .

now when i want Try to Publish HTTPS it ask to me Certificate server ,

i have this Question , For Make Certificate on my PRTG Server i must install IIS and with that Request Certificate and add it on ISA Or Other Way .

Regards .
0
Comment
Question by:iMehran
  • 6
  • 4
10 Comments
 
LVL 15

Expert Comment

by:Jaroslav Mraz
ID: 36897030
PRTG is that monitor for lan? Becouse it is webserver. If it can conect to your CertServer you can conect directly. If not you can crete request there and and upload it as preperet request on web console https://server/certsrv it automaticly progres your request and get you certificate to download it intuitive. Or you can create new cetificate directly in console or in mmc snapin.

http://technet.microsoft.com/en-us/library/cc739375(WS.10).aspx  - web console

http://www.techrepublic.com/article/using-the-certificate-mmc-snap-in-with-windows-2000-pro/1047512 - mmc

But if its working as standart you just need to redirect port 443 becouse it using standartly includet SSL and selfgenered certifiacte.
0
 

Author Comment

by:iMehran
ID: 36897066
Very thanks for your answer , yes its for monitor lan .
And yes i think i must just redirect it .
Can tell me how could i redirect it on isa ?
I must published web site on isa ?
I did some things my self and i see logon error in test rule .

Regards ...
0
 
LVL 15

Expert Comment

by:Jaroslav Mraz
ID: 36897086
yes you can publish it as WEB SITE.

http://technet.microsoft.com/en-us/library/cc302545.aspx - publishing website on ISA

or you can change port for web access to ssl then you can call https://adress:your_own_port

and here are instruction how to redirect any port throw ISA :D

http://forums.isaserver.org/m_2002005866/mpage_1/key_/tm.htm#2002005866
0
Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

 

Author Comment

by:iMehran
ID: 36897115
Thank you so much .
If my internal is : https://192.168.1.1 and when i enter this site i saw prtg authentication login .
Now after i publish site and create listener i must
Add authentication method . Please help me witch of these is right for me ?
Cause in listener when i click test rule i saw logon error
On detail .

Regards .
0
 
LVL 15

Expert Comment

by:Jaroslav Mraz
ID: 36897132
On webserver becouse the databes is there. If you are using AD on PRTG server you can try even AD. Port is 443 as SSL id you login from interent. But now i get one idea dindt you using something on the port 443 also on same ISA?
0
 

Author Comment

by:iMehran
ID: 36897218
Thanks again , the prtg dont use AD for login ,
And it using it own user name and password .
I think i must just publish it whithout any authentication cause it use it own authenticate .
Can you explain more about your idea ? And tell me more info ?

Very thanks ,

Regards .
0
 

Author Comment

by:iMehran
ID: 36897219
Thanks again , the prtg dont use AD for login ,
And it using it own user name and password .
I think i must just publish it whithout any authentication cause it use it own authenticate .
Can you explain more about your idea ? And tell me more info ?

Very thanks ,

Regards .
0
 
LVL 15

Accepted Solution

by:
Jaroslav Mraz earned 500 total points
ID: 36897286
If you have choise publish it without autentification this will be best if not on Webserver metohd shoud be the same but told other words :)

Ok my other idea is that you can change SSL port from 443 to something els in PRTG so microsft cant control what you are douing and just use port forawding ISA guid witch is up. So if you change port example for 5554 you can acces it as https://server_IP_EXTERNAL_OR_INTERNAL:5554  so you can oweride control :D microsoft or this IDP sonds and detection servis wil dont know what are you transfering and douing on that port soo cant block anything :)

and second idea

if you using any HTTPS servis from internet on port 443 you can use second thing. Use port forawding also but you just change internet port and redirection for 5554 to 443 on local IP.

Then you will be using https://INTERNET_IP:5554 and https://local_IP for local conection.
0
 

Author Comment

by:iMehran
ID: 36898510
so thanks for your Answers ,

i change My Port on PRTG now its : https://192.168.1.1:5557 as internal Link .

But in PRTG Server i just have Private IP Address ( 192.168.1.1 ) and in ISA I have Valid IP .

Then as you said "https://server_IP_EXTERNAL_OR_INTERNAL:5554" What is My IP External ? are You mean My ISA IP Address ?
i made DNS prtg.domain.com and put it My Valid ip Address on ISA , Now when in internet i Ping it , it Back to me My Correct Valid IP Address for ISA .
now how Can i Redirect it to my Internal Server ?

Really Thanks .
0
 

Author Closing Comment

by:iMehran
ID: 36898533
So nice Answer , i did it and every thing Work Well . .

Thanks Again .
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
TMG ISP Redudancy and DNS 11 660
Lync 2013 Test Connectivity error 34 11,035
Forefront Unified Access Gateway 3 72
TMG 2010 Deployment 3 94
I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question