Solved

Mozypro won't connect through ISA 2000 server

Posted on 2012-03-15
12
485 Views
Last Modified: 2016-03-20
Hello,

I need assistance configuring ISA 2000 on a Windows SBS 2003 to allow Mozypro online access.  I contacted Mozy and they require access via port 443.  I created what I believe to be a protocol rule for internet access for SSL but no luck.  The only way I can get Mozy to work is to change authentication from Integrated to Basic.  This allows Mozy to connect fine but then all the clients are prompted for user credentials every time they open a browser.  I'm thinking I'm not setting up a rule properly.  Any help would be appreciated.

Thank you.
0
Comment
Question by:TeddyZ83
  • 3
  • 3
  • 3
  • +1
12 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
Sorry, that product (ISA 2000) left any form of support some years ago and I haven't touched it myself since that time. Shame that whoever looked after your system did not keep the system up to date via the Windows Update guides. SBS 2003 SP1 provided a free upgrade from ISA 2000 to ISA 2004 (you had to request the CD's).

Since that time, ISA 2004 and ISA 2006 have both been introduced and replaced.

You need to be very careful trying to create new protocol rules - especially for 443 - as your outlook web access etc could well go dow the tubes if you get this lot wrong.

Keith
0
 
LVL 61

Expert Comment

by:gheist
Comment Utility
You can also let 443/tcp pass without authentication. Also it is possible to ask for basic authentication after integrated did not authenticate (Squid can, Maybe ISA can do it too)
0
 
LVL 29

Expert Comment

by:pwindell
Comment Utility
You can run Basic and Integrated at the same time.

Anything that can use Integrated will use it,...all others will fall back to Basic.
0
 

Author Comment

by:TeddyZ83
Comment Utility
I tried Basic and Integrated at the same time and clients were not prompted for credentials accessing the internet but MozPro still wouldn't connect.  I'm going to remove ISA altogether and just a hardware firewall.
0
 
LVL 29

Expert Comment

by:pwindell
Comment Utility
Then you will have to reconfigure SBS as a Single-Nic Server.  Do it correctly or you will make a mess out of it.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 61

Expert Comment

by:gheist
Comment Utility
There is a problem with mozpro and a proxy authentication You do not need to adjust your properly working infrastructure for their broken product.

HTTP specification explicitly describes proxy with authentication. mozpro sell their stuff and have eyes to read it.
0
 
LVL 29

Expert Comment

by:pwindell
Comment Utility
There is a problem with mozpro and a proxy authentication You do not need to adjust your properly working infrastructure for their broken product.

I agree,...however ISA2000 is so old and because of limitations in it's design it is very difficult to work with.  Getting rid of it and going with a different firewall that is a separate device from the SBS box isn't a bad idea.  

SP1 of SBS Premium included the free upgrade to ISA2004 which would be easier to deal with.  That would be a good option to go with if one wanted to keep SBS in it's current topology configuration
0
 

Accepted Solution

by:
TeddyZ83 earned 0 total points
Comment Utility
Sorry for the late response.  I removed ISA altogether to resolve the issue.  Thank you.
0
 

Author Comment

by:TeddyZ83
Comment Utility
I've requested that this question be closed as follows:

Accepted answer: 0 points for TeddyZ83's comment #37951799

for the following reason:

No other options worked except removing the program.
0
 
LVL 61

Expert Comment

by:gheist
Comment Utility
Sadly substandard product win in the compatibility race.
Didi you ask mozypro to do something to make their product complete?
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now