asked on
Mozypro won't connect through ISA 2000 server
Hello,
I need assistance configuring ISA 2000 on a Windows SBS 2003 to allow Mozypro online access. I contacted Mozy and they require access via port 443. I created what I believe to be a protocol rule for internet access for SSL but no luck. The only way I can get Mozy to work is to change authentication from Integrated to Basic. This allows Mozy to connect fine but then all the clients are prompted for user credentials every time they open a browser. I'm thinking I'm not setting up a rule properly. Any help would be appreciated.
Thank you.
I need assistance configuring ISA 2000 on a Windows SBS 2003 to allow Mozypro online access. I contacted Mozy and they require access via port 443. I created what I believe to be a protocol rule for internet access for SSL but no luck. The only way I can get Mozy to work is to change authentication from Integrated to Basic. This allows Mozy to connect fine but then all the clients are prompted for user credentials every time they open a browser. I'm thinking I'm not setting up a rule properly. Any help would be appreciated.
Thank you.
Microsoft Forefront ISA ServerSoftware FirewallsWindows Server 2003Mozy
Last Comment
gheist
You can also let 443/tcp pass without authentication. Also it is possible to ask for basic authentication after integrated did not authenticate (Squid can, Maybe ISA can do it too)
You can run Basic and Integrated at the same time.
Anything that can use Integrated will use it,...all others will fall back to Basic.
Anything that can use Integrated will use it,...all others will fall back to Basic.
ASKER
I tried Basic and Integrated at the same time and clients were not prompted for credentials accessing the internet but MozPro still wouldn't connect. I'm going to remove ISA altogether and just a hardware firewall.
Then you will have to reconfigure SBS as a Single-Nic Server. Do it correctly or you will make a mess out of it.
There is a problem with mozpro and a proxy authentication You do not need to adjust your properly working infrastructure for their broken product.
HTTP specification explicitly describes proxy with authentication. mozpro sell their stuff and have eyes to read it.
HTTP specification explicitly describes proxy with authentication. mozpro sell their stuff and have eyes to read it.
There is a problem with mozpro and a proxy authentication You do not need to adjust your properly working infrastructure for their broken product.
I agree,...however ISA2000 is so old and because of limitations in it's design it is very difficult to work with. Getting rid of it and going with a different firewall that is a separate device from the SBS box isn't a bad idea.
SP1 of SBS Premium included the free upgrade to ISA2004 which would be easier to deal with. That would be a good option to go with if one wanted to keep SBS in it's current topology configuration
I agree,...however ISA2000 is so old and because of limitations in it's design it is very difficult to work with. Getting rid of it and going with a different firewall that is a separate device from the SBS box isn't a bad idea.
SP1 of SBS Premium included the free upgrade to ISA2004 which would be easier to deal with. That would be a good option to go with if one wanted to keep SBS in it's current topology configuration
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
I've requested that this question be closed as follows:
Accepted answer: 0 points for TeddyZ83's comment #37951799
for the following reason:
No other options worked except removing the program.
Accepted answer: 0 points for TeddyZ83's comment #37951799
for the following reason:
No other options worked except removing the program.
Sadly substandard product win in the compatibility race.
Didi you ask mozypro to do something to make their product complete?
Didi you ask mozypro to do something to make their product complete?
Since that time, ISA 2004 and ISA 2006 have both been introduced and replaced.
You need to be very careful trying to create new protocol rules - especially for 443 - as your outlook web access etc could well go dow the tubes if you get this lot wrong.
Keith