[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Unusual port numbers recorded when accessing IIS website through a Reverse Proxy

Posted on 2016-07-21
1
Medium Priority
?
70 Views
Last Modified: 2016-07-21
Hello Experts

A customer of mine has an internal webserver that logs all accesses.  They used to use NAT to allow external access to this webserver and each access was recorded in the IIS logs as coming in on port 443 (correctly).

I have recently deployed an IIS based Reverse Proxy for them (along with DMZ / ASA firewall etc) and now the logs on the internal webserver records the access attempts as coming from the correct customer public IP addresses but on ports other than 443 (see attached image).

Everything seems to be working correctly and the firewall is only allowing 443 access from outside in so I am at a loss at the moment to explain the odd ports in the IIS logs - if anyone can offer a reason for this I would be most grateful.

Thanks.
1.jpg
0
Comment
Question by:Plagus
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 30

Accepted Solution

by:
Britt Thompson earned 2000 total points
ID: 41722994
I feel this is normal behavior. Access from the client source port will be something random with this setup like outbound access through your ASA to external services. If you watch the logs in the ASA you'll see the same situation reporting client source ports with normal destination ports.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question