ISA Server 2004: SSL Port 44300 Error

Punkrulz

Somewhat eXPerienced
Joined
24 Dec 2001
Messages
790
I have a user who is attempting to access a secure area on his college's website from our network. The website is the following:

https://admin9.rowan.edu:44300

Unfortunately, whenever he attempts to access the page, he gets the following error message:

Network Access Message: The page cannot be displayed

Technical Information (for Support personnel)
• Error Code: 502 Proxy Error. The specified Secure Sockets Layer (SSL) port is not allowed. ISA Server is not configured to allow SSL requests from this port. Most Web browsers use port 443 for SSL requests. (12204)
• IP Address: 192.168.1.1
• Date: 8/8/2007 8:55:36 PM
• Server: ------------------------ (Masked for protection)
• Source: proxy

I was looking around ISA, and I found the section that lists all protocols. I did not see any for SSL, whether it's 443 or 44300. I attempted to add this protocol so it would be allowed, and unfortunately that did not work.

Can someone help me add this so the user can get to the website? Monitoring his connection does not reveal any blocked or denied messages, just says failed connection. He can continue to access the website from home which leads me to believe that there are no problems being experienced with that particular domain.

Thanks!
 

fitz

Woah.. I'm still here?
Political Access
Joined
26 Apr 2004
Messages
4,085
punk:

I believe you need to configure a new outbound web listener on the ISA box to "listen" for SSL traffic on that port.

Haven't set it up in ISA 2k4.. but usually if you right click on the server in the ISA MMC and go to the properties, I believe that is where you can add a new listener under the outgoing web requests tab.
 

Punkrulz

Somewhat eXPerienced
Joined
24 Dec 2001
Messages
790
punk:

I believe you need to configure a new outbound web listener on the ISA box to "listen" for SSL traffic on that port.

Haven't set it up in ISA 2k4.. but usually if you right click on the server in the ISA MMC and go to the properties, I believe that is where you can add a new listener under the outgoing web requests tab.

Fitz,

I am unable to locate what you are referring to. I know that I have tried creating a new protocol, and adding it to our rule for secure web browsing. I've also tried editing the existing HTTPS rule (discovered it was not defined as SSL). Under our Networks option, I was able to right-click Internal, and under the web browser tab specify which websites should be directly accessed. I added *.rowan.edu. This still did not work.

I believe the furthest I had gotten was I am using the ISA server as my test browser for getting to this website. I specified through the proxy settings that anything going to *.rowan.edu should bypass the proxy. Now instead of getting the error message, I get a blank white page.
 

fitz

Woah.. I'm still here?
Political Access
Joined
26 Apr 2004
Messages
4,085
punk.. give me a day or so to set up a VM ISA 2k4 box to look up where the actual option is.

In the mean time, how are the clients setup to access via the ISA box? Are you using the firewall Client? Secure NAT? or just setting the proxy settings in the browser?
 

Punkrulz

Somewhat eXPerienced
Joined
24 Dec 2001
Messages
790
Proxy settings are typically just set in the browser. Obviously the firewall is set as the Gateway, and then we're just setting the proxy settings in the browser.
 

fitz

Woah.. I'm still here?
Political Access
Joined
26 Apr 2004
Messages
4,085
Before I go through with setting up test servers, have you tried this yet?
 

Members online

No members online now.

Latest profile posts

Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
Any of the SP crew still out there?
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
hello peeps... is been some time since i last came here.
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.

Forum statistics

Threads
62,011
Messages
673,478
Members
5,608
Latest member
endryshall