Solved

How Publish HTTPS Website under ISA 2006

Posted on 2011-10-01
10
593 Views
Last Modified: 2012-05-12
Hi Dear , i have PRTG Server on my Local Lan .

Now i want publish it under internet . i configure every thing like DNS and etc .

now when i want Try to Publish HTTPS it ask to me Certificate server ,

i have this Question , For Make Certificate on my PRTG Server i must install IIS and with that Request Certificate and add it on ISA Or Other Way .

Regards .
0
Comment
Question by:iMehran
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 15

Expert Comment

by:Jaroslav Mraz
ID: 36897030
PRTG is that monitor for lan? Becouse it is webserver. If it can conect to your CertServer you can conect directly. If not you can crete request there and and upload it as preperet request on web console https://server/certsrv it automaticly progres your request and get you certificate to download it intuitive. Or you can create new cetificate directly in console or in mmc snapin.

http://technet.microsoft.com/en-us/library/cc739375(WS.10).aspx  - web console

http://www.techrepublic.com/article/using-the-certificate-mmc-snap-in-with-windows-2000-pro/1047512 - mmc

But if its working as standart you just need to redirect port 443 becouse it using standartly includet SSL and selfgenered certifiacte.
0
 

Author Comment

by:iMehran
ID: 36897066
Very thanks for your answer , yes its for monitor lan .
And yes i think i must just redirect it .
Can tell me how could i redirect it on isa ?
I must published web site on isa ?
I did some things my self and i see logon error in test rule .

Regards ...
0
 
LVL 15

Expert Comment

by:Jaroslav Mraz
ID: 36897086
yes you can publish it as WEB SITE.

http://technet.microsoft.com/en-us/library/cc302545.aspx - publishing website on ISA

or you can change port for web access to ssl then you can call https://adress:your_own_port

and here are instruction how to redirect any port throw ISA :D

http://forums.isaserver.org/m_2002005866/mpage_1/key_/tm.htm#2002005866
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:iMehran
ID: 36897115
Thank you so much .
If my internal is : https://192.168.1.1 and when i enter this site i saw prtg authentication login .
Now after i publish site and create listener i must
Add authentication method . Please help me witch of these is right for me ?
Cause in listener when i click test rule i saw logon error
On detail .

Regards .
0
 
LVL 15

Expert Comment

by:Jaroslav Mraz
ID: 36897132
On webserver becouse the databes is there. If you are using AD on PRTG server you can try even AD. Port is 443 as SSL id you login from interent. But now i get one idea dindt you using something on the port 443 also on same ISA?
0
 

Author Comment

by:iMehran
ID: 36897218
Thanks again , the prtg dont use AD for login ,
And it using it own user name and password .
I think i must just publish it whithout any authentication cause it use it own authenticate .
Can you explain more about your idea ? And tell me more info ?

Very thanks ,

Regards .
0
 

Author Comment

by:iMehran
ID: 36897219
Thanks again , the prtg dont use AD for login ,
And it using it own user name and password .
I think i must just publish it whithout any authentication cause it use it own authenticate .
Can you explain more about your idea ? And tell me more info ?

Very thanks ,

Regards .
0
 
LVL 15

Accepted Solution

by:
Jaroslav Mraz earned 500 total points
ID: 36897286
If you have choise publish it without autentification this will be best if not on Webserver metohd shoud be the same but told other words :)

Ok my other idea is that you can change SSL port from 443 to something els in PRTG so microsft cant control what you are douing and just use port forawding ISA guid witch is up. So if you change port example for 5554 you can acces it as https://server_IP_EXTERNAL_OR_INTERNAL:5554  so you can oweride control :D microsoft or this IDP sonds and detection servis wil dont know what are you transfering and douing on that port soo cant block anything :)

and second idea

if you using any HTTPS servis from internet on port 443 you can use second thing. Use port forawding also but you just change internet port and redirection for 5554 to 443 on local IP.

Then you will be using https://INTERNET_IP:5554 and https://local_IP for local conection.
0
 

Author Comment

by:iMehran
ID: 36898510
so thanks for your Answers ,

i change My Port on PRTG now its : https://192.168.1.1:5557 as internal Link .

But in PRTG Server i just have Private IP Address ( 192.168.1.1 ) and in ISA I have Valid IP .

Then as you said "https://server_IP_EXTERNAL_OR_INTERNAL:5554" What is My IP External ? are You mean My ISA IP Address ?
i made DNS prtg.domain.com and put it My Valid ip Address on ISA , Now when in internet i Ping it , it Back to me My Correct Valid IP Address for ISA .
now how Can i Redirect it to my Internal Server ?

Really Thanks .
0
 

Author Closing Comment

by:iMehran
ID: 36898533
So nice Answer , i did it and every thing Work Well . .

Thanks Again .
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ISA 2006 Server question 3 519
Alternatives to replacing ISA forefront server for URL redirect 6 482
ForFront TMG Server Error 8 110
TMG 2010 Deployment 3 112
Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question