Solved

Mozypro won't connect through ISA 2000 server

Posted on 2012-03-15
12
497 Views
Last Modified: 2016-03-20
Hello,

I need assistance configuring ISA 2000 on a Windows SBS 2003 to allow Mozypro online access.  I contacted Mozy and they require access via port 443.  I created what I believe to be a protocol rule for internet access for SSL but no luck.  The only way I can get Mozy to work is to change authentication from Integrated to Basic.  This allows Mozy to connect fine but then all the clients are prompted for user credentials every time they open a browser.  I'm thinking I'm not setting up a rule properly.  Any help would be appreciated.

Thank you.
0
Comment
Question by:TeddyZ83
  • 3
  • 3
  • 3
  • +1
12 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 37728146
Sorry, that product (ISA 2000) left any form of support some years ago and I haven't touched it myself since that time. Shame that whoever looked after your system did not keep the system up to date via the Windows Update guides. SBS 2003 SP1 provided a free upgrade from ISA 2000 to ISA 2004 (you had to request the CD's).

Since that time, ISA 2004 and ISA 2006 have both been introduced and replaced.

You need to be very careful trying to create new protocol rules - especially for 443 - as your outlook web access etc could well go dow the tubes if you get this lot wrong.

Keith
0
 
LVL 61

Expert Comment

by:gheist
ID: 37728422
You can also let 443/tcp pass without authentication. Also it is possible to ask for basic authentication after integrated did not authenticate (Squid can, Maybe ISA can do it too)
0
 
LVL 29

Expert Comment

by:pwindell
ID: 37748587
You can run Basic and Integrated at the same time.

Anything that can use Integrated will use it,...all others will fall back to Basic.
0
 

Author Comment

by:TeddyZ83
ID: 37752258
I tried Basic and Integrated at the same time and clients were not prompted for credentials accessing the internet but MozPro still wouldn't connect.  I'm going to remove ISA altogether and just a hardware firewall.
0
 
LVL 29

Expert Comment

by:pwindell
ID: 37752412
Then you will have to reconfigure SBS as a Single-Nic Server.  Do it correctly or you will make a mess out of it.
0
 
LVL 61

Expert Comment

by:gheist
ID: 37752629
There is a problem with mozpro and a proxy authentication You do not need to adjust your properly working infrastructure for their broken product.

HTTP specification explicitly describes proxy with authentication. mozpro sell their stuff and have eyes to read it.
0
 
LVL 29

Expert Comment

by:pwindell
ID: 37752774
There is a problem with mozpro and a proxy authentication You do not need to adjust your properly working infrastructure for their broken product.

I agree,...however ISA2000 is so old and because of limitations in it's design it is very difficult to work with.  Getting rid of it and going with a different firewall that is a separate device from the SBS box isn't a bad idea.  

SP1 of SBS Premium included the free upgrade to ISA2004 which would be easier to deal with.  That would be a good option to go with if one wanted to keep SBS in it's current topology configuration
0
 

Accepted Solution

by:
TeddyZ83 earned 0 total points
ID: 37951799
Sorry for the late response.  I removed ISA altogether to resolve the issue.  Thank you.
0
 

Author Comment

by:TeddyZ83
ID: 37951923
I've requested that this question be closed as follows:

Accepted answer: 0 points for TeddyZ83's comment #37951799

for the following reason:

No other options worked except removing the program.
0
 
LVL 61

Expert Comment

by:gheist
ID: 37951924
Sadly substandard product win in the compatibility race.
Didi you ask mozypro to do something to make their product complete?
0
Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now