From: "Crina Li" on
Hi Oswaldo,

Thanks for your update.

I am glad to hear the problem is resolved.

It is my pleasure to work with you in this post. If you encounter any
difficulties in the future, please submit the post to the newsgroup. We
are glad to be of the assistance.

Again, thank you for using Microsoft newsgroup. Have a nice day. :)

Best regards,

Crina Li (MSFT)

Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security

=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.

=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: ISA 2004 cisco SSL vpn client
| thread-index: Acal7go7ns6t+oQWRj6MGWdmitjZjg==
| X-WBNR-Posting-Host: 208.33.47.68
| From: =?Utf-8?B?T3N3YWxkbw==?= <Oswaldo(a)discussions.microsoft.com>
| References: <u$97GScfGHA.4852(a)TK2MSFTNGP05.phx.gbl>
<W3yb27NoGHA.2028(a)TK2MSFTNGXA01.phx.gbl>
<CE543673-D801-4FD2-9BFC-F36FC1422480(a)microsoft.com>
<SDZNvqaoGHA.6028(a)TK2MSFTNGXA01.phx.gbl>
<25D6F0EA-6F60-4CB4-BDEF-604E7E6F6D1C(a)microsoft.com>
<pGsSPA$oGHA.2028(a)TK2MSFTNGXA01.phx.gbl>
<441134E9-62C9-4323-B15B-BC8DA888F4DE(a)microsoft.com>
<ORKAnmcpGHA.2028(a)TK2MSFTNGXA01.phx.gbl>
| Subject: RE: ISA 2004 cisco SSL vpn client
| Date: Wed, 12 Jul 2006 13:02:01 -0700
| Lines: 315
| Message-ID: <DCEFB842-ADF9-4663-BE5D-CAF18386A193(a)microsoft.com>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 8bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
| Newsgroups: microsoft.public.windows.server.sbs
| Path: TK2MSFTNGXA01.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:280931
| NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Hi Jenny,
| After we tried all the suggestions that you gave us, the company that is
| providing the VPN contacted Cisco and they told them that if we are using
ISA
| server on Proxy mode the SSL probably won?t work. So they send me the
client
| software and I am making a direct connection to their system and seems to
be
| working fine.
| Thank you very much for all your help.
| Regards,
|
| --
| Oswaldo Cortes
|
|
| ""Jenny wu [MSFT]"" wrote:
|
| > Hi Oswaldo,
| >
| > Thanks for your update! I am jenny and I am backup of Brandy for she is
now
| > taking sick leave. I will continue work with you till she come back. I
am
| > really sorry for the inconvenience that brings to you.
| >
| > Based on my experience, the problem may occur if authentication is
required
| > in the access rule which allows traffic from Local Host to External.
| > Basically it's recommended that we enable proxy on not only the
internal
| > clients but also the ISA firewall itself. It is for both performance
and
| > flexibility consideration. If you don't want to enable proxy on the ISA
| > server itself, I suggest you try the following steps to solve the issue:
| >
| > 1. Please open the ISA management console, navigate to Firewall Policy,
| > right click "Firewall Policy" and click New->Access Rule, then create a
new
| > access rule as following:
| >
| > Rule name: Allow Local Host access Internet
| > Rule Action: Allow
| > Protocols: All Outbound Traffic
| > Sources: Local Host (The built-in network object)
| > Destination: External
| > User Sets: All Users
| >
| > Then move this rule to the top and click Apply to save all the settings.
| >
| > 2. Then please open the ISA2004 Management Console, in the left panel,
| > expand to Configuration->Networks. Under "Networks panel", double click
| > "Internal". Switch to "Web Proxy" panel, click "Authentication" and
then
| > uncheck the "Require all users to authenticate" option. Then click the
| > Apply button to save the changes.
| >
| > After performing the above steps, please test the issue again, what is
the
| > result?
| >
| > Thanks for your time and cooperation. Please let me know if you have
any
| > questions or concerns.
| >
| > Have a nice day!
| >
| > Sincerely,
| >
| > Jenny Wu
| > Microsoft CSS Online Newsgroup Support
| > Get Secure! - www.microsoft.com/security
| > ======================================================
| > This newsgroup only focuses on SBS technical issues. If you have issues
| > regarding other Microsoft products, you'd better post in the
corresponding
| > newsgroups so that they can be resolved in an efficient and timely
manner.
| > You can locate the newsgroup here:
| > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| >
| > When opening a new thread via the web interface, we recommend you check
the
| > "Notify me of replies" box to receive e-mail notifications when there
are
| > any updates in your thread. When responding to posts via your
newsreader,
| > please "Reply to Group" so that others may learn and benefit from your
| > issue.
| >
| > Microsoft engineers can only focus on one issue per thread. Although we
| > provide other information for yo