Solved

How Publish HTTPS Website under ISA 2006

Posted on 2011-10-01
10
555 Views
Last Modified: 2012-05-12
Hi Dear , i have PRTG Server on my Local Lan .

Now i want publish it under internet . i configure every thing like DNS and etc .

now when i want Try to Publish HTTPS it ask to me Certificate server ,

i have this Question , For Make Certificate on my PRTG Server i must install IIS and with that Request Certificate and add it on ISA Or Other Way .

Regards .
0
Comment
Question by:iMehran
  • 6
  • 4
10 Comments
 
LVL 15

Expert Comment

by:Jaroslav Mraz
ID: 36897030
PRTG is that monitor for lan? Becouse it is webserver. If it can conect to your CertServer you can conect directly. If not you can crete request there and and upload it as preperet request on web console https://server/certsrv it automaticly progres your request and get you certificate to download it intuitive. Or you can create new cetificate directly in console or in mmc snapin.

http://technet.microsoft.com/en-us/library/cc739375(WS.10).aspx  - web console

http://www.techrepublic.com/article/using-the-certificate-mmc-snap-in-with-windows-2000-pro/1047512 - mmc

But if its working as standart you just need to redirect port 443 becouse it using standartly includet SSL and selfgenered certifiacte.
0
 

Author Comment

by:iMehran
ID: 36897066
Very thanks for your answer , yes its for monitor lan .
And yes i think i must just redirect it .
Can tell me how could i redirect it on isa ?
I must published web site on isa ?
I did some things my self and i see logon error in test rule .

Regards ...
0
 
LVL 15

Expert Comment

by:Jaroslav Mraz
ID: 36897086
yes you can publish it as WEB SITE.

http://technet.microsoft.com/en-us/library/cc302545.aspx - publishing website on ISA

or you can change port for web access to ssl then you can call https://adress:your_own_port

and here are instruction how to redirect any port throw ISA :D

http://forums.isaserver.org/m_2002005866/mpage_1/key_/tm.htm#2002005866
0
 

Author Comment

by:iMehran
ID: 36897115
Thank you so much .
If my internal is : https://192.168.1.1 and when i enter this site i saw prtg authentication login .
Now after i publish site and create listener i must
Add authentication method . Please help me witch of these is right for me ?
Cause in listener when i click test rule i saw logon error
On detail .

Regards .
0
 
LVL 15

Expert Comment

by:Jaroslav Mraz
ID: 36897132
On webserver becouse the databes is there. If you are using AD on PRTG server you can try even AD. Port is 443 as SSL id you login from interent. But now i get one idea dindt you using something on the port 443 also on same ISA?
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 

Author Comment

by:iMehran
ID: 36897218
Thanks again , the prtg dont use AD for login ,
And it using it own user name and password .
I think i must just publish it whithout any authentication cause it use it own authenticate .
Can you explain more about your idea ? And tell me more info ?

Very thanks ,

Regards .
0
 

Author Comment

by:iMehran
ID: 36897219
Thanks again , the prtg dont use AD for login ,
And it using it own user name and password .
I think i must just publish it whithout any authentication cause it use it own authenticate .
Can you explain more about your idea ? And tell me more info ?

Very thanks ,

Regards .
0
 
LVL 15

Accepted Solution

by:
Jaroslav Mraz earned 500 total points
ID: 36897286
If you have choise publish it without autentification this will be best if not on Webserver metohd shoud be the same but told other words :)

Ok my other idea is that you can change SSL port from 443 to something els in PRTG so microsft cant control what you are douing and just use port forawding ISA guid witch is up. So if you change port example for 5554 you can acces it as https://server_IP_EXTERNAL_OR_INTERNAL:5554  so you can oweride control :D microsoft or this IDP sonds and detection servis wil dont know what are you transfering and douing on that port soo cant block anything :)

and second idea

if you using any HTTPS servis from internet on port 443 you can use second thing. Use port forawding also but you just change internet port and redirection for 5554 to 443 on local IP.

Then you will be using https://INTERNET_IP:5554 and https://local_IP for local conection.
0
 

Author Comment

by:iMehran
ID: 36898510
so thanks for your Answers ,

i change My Port on PRTG now its : https://192.168.1.1:5557 as internal Link .

But in PRTG Server i just have Private IP Address ( 192.168.1.1 ) and in ISA I have Valid IP .

Then as you said "https://server_IP_EXTERNAL_OR_INTERNAL:5554" What is My IP External ? are You mean My ISA IP Address ?
i made DNS prtg.domain.com and put it My Valid ip Address on ISA , Now when in internet i Ping it , it Back to me My Correct Valid IP Address for ISA .
now how Can i Redirect it to my Internal Server ?

Really Thanks .
0
 

Author Closing Comment

by:iMehran
ID: 36898533
So nice Answer , i did it and every thing Work Well . .

Thanks Again .
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Branch Office Setup - Where to Start 6 64
RDP to TMG Firewall 6 285
TMG Forefront 6 371
Unable to open website 1 81
In all versions of ISA Server and the current version of FTMG, the default https protocol uses TCP port 443 and 563 only. This cannot be changed within the ISA or FTMG GUI and must be completed from a Windows cmd prompt on the ISA Server itself. …
Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now