?
Solved

How Publish HTTPS Website under ISA 2006

Posted on 2011-10-01
10
Medium Priority
?
600 Views
Last Modified: 2012-05-12
Hi Dear , i have PRTG Server on my Local Lan .

Now i want publish it under internet . i configure every thing like DNS and etc .

now when i want Try to Publish HTTPS it ask to me Certificate server ,

i have this Question , For Make Certificate on my PRTG Server i must install IIS and with that Request Certificate and add it on ISA Or Other Way .

Regards .
0
Comment
Question by:iMehran
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 15

Expert Comment

by:Jaroslav Mraz
ID: 36897030
PRTG is that monitor for lan? Becouse it is webserver. If it can conect to your CertServer you can conect directly. If not you can crete request there and and upload it as preperet request on web console https://server/certsrv it automaticly progres your request and get you certificate to download it intuitive. Or you can create new cetificate directly in console or in mmc snapin.

http://technet.microsoft.com/en-us/library/cc739375(WS.10).aspx  - web console

http://www.techrepublic.com/article/using-the-certificate-mmc-snap-in-with-windows-2000-pro/1047512 - mmc

But if its working as standart you just need to redirect port 443 becouse it using standartly includet SSL and selfgenered certifiacte.
0
 

Author Comment

by:iMehran
ID: 36897066
Very thanks for your answer , yes its for monitor lan .
And yes i think i must just redirect it .
Can tell me how could i redirect it on isa ?
I must published web site on isa ?
I did some things my self and i see logon error in test rule .

Regards ...
0
 
LVL 15

Expert Comment

by:Jaroslav Mraz
ID: 36897086
yes you can publish it as WEB SITE.

http://technet.microsoft.com/en-us/library/cc302545.aspx - publishing website on ISA

or you can change port for web access to ssl then you can call https://adress:your_own_port

and here are instruction how to redirect any port throw ISA :D

http://forums.isaserver.org/m_2002005866/mpage_1/key_/tm.htm#2002005866
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:iMehran
ID: 36897115
Thank you so much .
If my internal is : https://192.168.1.1 and when i enter this site i saw prtg authentication login .
Now after i publish site and create listener i must
Add authentication method . Please help me witch of these is right for me ?
Cause in listener when i click test rule i saw logon error
On detail .

Regards .
0
 
LVL 15

Expert Comment

by:Jaroslav Mraz
ID: 36897132
On webserver becouse the databes is there. If you are using AD on PRTG server you can try even AD. Port is 443 as SSL id you login from interent. But now i get one idea dindt you using something on the port 443 also on same ISA?
0
 

Author Comment

by:iMehran
ID: 36897218
Thanks again , the prtg dont use AD for login ,
And it using it own user name and password .
I think i must just publish it whithout any authentication cause it use it own authenticate .
Can you explain more about your idea ? And tell me more info ?

Very thanks ,

Regards .
0
 

Author Comment

by:iMehran
ID: 36897219
Thanks again , the prtg dont use AD for login ,
And it using it own user name and password .
I think i must just publish it whithout any authentication cause it use it own authenticate .
Can you explain more about your idea ? And tell me more info ?

Very thanks ,

Regards .
0
 
LVL 15

Accepted Solution

by:
Jaroslav Mraz earned 2000 total points
ID: 36897286
If you have choise publish it without autentification this will be best if not on Webserver metohd shoud be the same but told other words :)

Ok my other idea is that you can change SSL port from 443 to something els in PRTG so microsft cant control what you are douing and just use port forawding ISA guid witch is up. So if you change port example for 5554 you can acces it as https://server_IP_EXTERNAL_OR_INTERNAL:5554  so you can oweride control :D microsoft or this IDP sonds and detection servis wil dont know what are you transfering and douing on that port soo cant block anything :)

and second idea

if you using any HTTPS servis from internet on port 443 you can use second thing. Use port forawding also but you just change internet port and redirection for 5554 to 443 on local IP.

Then you will be using https://INTERNET_IP:5554 and https://local_IP for local conection.
0
 

Author Comment

by:iMehran
ID: 36898510
so thanks for your Answers ,

i change My Port on PRTG now its : https://192.168.1.1:5557 as internal Link .

But in PRTG Server i just have Private IP Address ( 192.168.1.1 ) and in ISA I have Valid IP .

Then as you said "https://server_IP_EXTERNAL_OR_INTERNAL:5554" What is My IP External ? are You mean My ISA IP Address ?
i made DNS prtg.domain.com and put it My Valid ip Address on ISA , Now when in internet i Ping it , it Back to me My Correct Valid IP Address for ISA .
now how Can i Redirect it to my Internal Server ?

Really Thanks .
0
 

Author Closing Comment

by:iMehran
ID: 36898533
So nice Answer , i did it and every thing Work Well . .

Thanks Again .
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In Africa (and potentially where you live…), reliability of ISPs is questionable.  With the increased reliance on e-mail as one of the primary forms of communication, the costs to business are significant based on interuption of ISP Connectivity.  T…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses
Course of the Month8 days, 7 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question