Prev: DCOM error
Next: Sender ID Filtering vs. SBS Fax Server
From: "Crina Li" on 13 Jul 2006 04:45 Hi Oswaldo, Thanks for your update. I am glad to hear the problem is resolved. It is my pleasure to work with you in this post. If you encounter any difficulties in the future, please submit the post to the newsgroup. We are glad to be of the assistance. Again, thank you for using Microsoft newsgroup. Have a nice day. :) Best regards, Crina Li (MSFT) Microsoft CSS Online Newsgroup Support Get Secure! - www.microsoft.com/security ===================================================== This newsgroup only focuses on SBS technical issues. If you have issues regarding other Microsoft products, you'd better post in the corresponding newsgroups so that they can be resolved in an efficient and timely manner. You can locate the newsgroup here: http://www.microsoft.com/communities/newsgroups/en-us/default.aspx When opening a new thread via the web interface, we recommend you check the "Notify me of replies" box to receive e-mail notifications when there are any updates in your thread. When responding to posts via your newsreader, please "Reply to Group" so that others may learn and benefit from your issue. Microsoft engineers can only focus on one issue per thread. Although we provide other information for your reference, we recommend you post different incidents in different threads to keep the thread clean. In doing so, it will ensure your issues are resolved in a timely manner. For urgent issues, you may want to contact Microsoft CSS directly. Please check http://support.microsoft.com for regional support phone numbers. Any input or comments in this thread are highly appreciated. ===================================================== This posting is provided "AS IS" with no warranties, and confers no rights. -------------------- | Thread-Topic: ISA 2004 cisco SSL vpn client | thread-index: Acal7go7ns6t+oQWRj6MGWdmitjZjg== | X-WBNR-Posting-Host: 208.33.47.68 | From: =?Utf-8?B?T3N3YWxkbw==?= <Oswaldo(a)discussions.microsoft.com> | References: <u$97GScfGHA.4852(a)TK2MSFTNGP05.phx.gbl> <W3yb27NoGHA.2028(a)TK2MSFTNGXA01.phx.gbl> <CE543673-D801-4FD2-9BFC-F36FC1422480(a)microsoft.com> <SDZNvqaoGHA.6028(a)TK2MSFTNGXA01.phx.gbl> <25D6F0EA-6F60-4CB4-BDEF-604E7E6F6D1C(a)microsoft.com> <pGsSPA$oGHA.2028(a)TK2MSFTNGXA01.phx.gbl> <441134E9-62C9-4323-B15B-BC8DA888F4DE(a)microsoft.com> <ORKAnmcpGHA.2028(a)TK2MSFTNGXA01.phx.gbl> | Subject: RE: ISA 2004 cisco SSL vpn client | Date: Wed, 12 Jul 2006 13:02:01 -0700 | Lines: 315 | Message-ID: <DCEFB842-ADF9-4663-BE5D-CAF18386A193(a)microsoft.com> | MIME-Version: 1.0 | Content-Type: text/plain; | charset="Utf-8" | Content-Transfer-Encoding: 8bit | X-Newsreader: Microsoft CDO for Windows 2000 | Content-Class: urn:content-classes:message | Importance: normal | Priority: normal | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830 | Newsgroups: microsoft.public.windows.server.sbs | Path: TK2MSFTNGXA01.phx.gbl | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:280931 | NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250 | X-Tomcat-NG: microsoft.public.windows.server.sbs | | Hi Jenny, | After we tried all the suggestions that you gave us, the company that is | providing the VPN contacted Cisco and they told them that if we are using ISA | server on Proxy mode the SSL probably won?t work. So they send me the client | software and I am making a direct connection to their system and seems to be | working fine. | Thank you very much for all your help. | Regards, | | -- | Oswaldo Cortes | | | ""Jenny wu [MSFT]"" wrote: | | > Hi Oswaldo, | > | > Thanks for your update! I am jenny and I am backup of Brandy for she is now | > taking sick leave. I will continue work with you till she come back. I am | > really sorry for the inconvenience that brings to you. | > | > Based on my experience, the problem may occur if authentication is required | > in the access rule which allows traffic from Local Host to External. | > Basically it's recommended that we enable proxy on not only the internal | > clients but also the ISA firewall itself. It is for both performance and | > flexibility consideration. If you don't want to enable proxy on the ISA | > server itself, I suggest you try the following steps to solve the issue: | > | > 1. Please open the ISA management console, navigate to Firewall Policy, | > right click "Firewall Policy" and click New->Access Rule, then create a new | > access rule as following: | > | > Rule name: Allow Local Host access Internet | > Rule Action: Allow | > Protocols: All Outbound Traffic | > Sources: Local Host (The built-in network object) | > Destination: External | > User Sets: All Users | > | > Then move this rule to the top and click Apply to save all the settings. | > | > 2. Then please open the ISA2004 Management Console, in the left panel, | > expand to Configuration->Networks. Under "Networks panel", double click | > "Internal". Switch to "Web Proxy" panel, click "Authentication" and then | > uncheck the "Require all users to authenticate" option. Then click the | > Apply button to save the changes. | > | > After performing the above steps, please test the issue again, what is the | > result? | > | > Thanks for your time and cooperation. Please let me know if you have any | > questions or concerns. | > | > Have a nice day! | > | > Sincerely, | > | > Jenny Wu | > Microsoft CSS Online Newsgroup Support | > Get Secure! - www.microsoft.com/security | > ====================================================== | > This newsgroup only focuses on SBS technical issues. If you have issues | > regarding other Microsoft products, you'd better post in the corresponding | > newsgroups so that they can be resolved in an efficient and timely manner. | > You can locate the newsgroup here: | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx | > | > When opening a new thread via the web interface, we recommend you check the | > "Notify me of replies" box to receive e-mail notifications when there are | > any updates in your thread. When responding to posts via your newsreader, | > please "Reply to Group" so that others may learn and benefit from your | > issue. | > | > Microsoft engineers can only focus on one issue per thread. Although we | > provide other information for yo |