Isa 2000 & SSL Port

Home Forums Security General Security Isa 2000 & SSL Port

This topic contains 14 replies, has 5 voices, and was last updated by Avatar cruachan 8 years, 7 months ago.

Viewing 15 posts - 1 through 15 (of 15 total)
  • Author
    Posts
  • Avatar
    Si_Pe
    Member
    #153437

    Hi all,

    We have a website which SSL port is 444 and ISA 2000 only allows 443 as far as I can see but I need to be able to add the 444 port. In 2004 you can use a tool call ISA PRE which is really easy and lets you add the new port easily. I have looked on the web and seen it’s possible but Via scripts and that’s where it starts to fall down for me, I am not very hot on vb scripts so need a little help.

    I have found some useful info but the link to the script doesn’t work.

    http://consultingblogs.emc.com/markwilson/archive/2005/07/15/1800.aspx

    http://www.isatools.org/tools.asp?Context=ISA2000

    http://support.microsoft.com/default.aspx?scid=kb;en-us;283284 – this looks what I need but I am unsure how to put the code into a script and make it run?

    I know some people will ask why are we still using ISA 2000 etc but we are and it works fine for what we need at the moment (well apart from this issue) I just haven’t got the time to upgrade all our servers at the moment.

    Can anyone help?

    Cheers,
    Si

    Avatar
    cruachan
    Participant
    #330082

    Re: Isa 2000 & SSL Port

    From isaserver.org:-
    http://forums.isaserver.org/m_50246000/mpage_1/key_/tm.htm#50246000
    Seems you can just do it via a publishing rule, and if anyone knows it’s Tom Shinder.

    And I will say you should upgrade your firewall. ISA 2000 is now 3 versions out of date and well past EOL with Microsoft. Not what I would recommend for an edge device.

    Avatar
    Si_Pe
    Member
    #278226

    Re: Isa 2000 & SSL Port

    cruachan;231267 wrote:
    From isaserver.org:-
    http://forums.isaserver.org/m_50246000/mpage_1/key_/tm.htm#50246000
    Seems you can just do it via a publishing rule, and if anyone knows it’s Tom Shinder.

    And I will say you should upgrade your firewall. ISA 2000 is now 3 versions out of date and well past EOL with Microsoft. Not what I would recommend for an edge device.

    Hi,

    Thanks for your repy!

    Any idea how to set this up? I can’t seem to see get it to work. Its on my list to upgrade to 2006 in the coming months but need to give users access to the site as soon as possible.

    Thanks again,
    Si

    Avatar
    Si_Pe
    Member
    #278227

    Re: Isa 2000 & SSL Port

    Hi,

    I have tried the below link but can’t get the external thing to work. Should the link work for HTTPS as well as FTP?

    http://www.isaserver.org/tutorials/Install_and_Configure_FTP_Server_behind_ISA_Server_2000_with_unstandard_port.html

    Cheers,
    Si

    Avatar
    cruachan
    Participant
    #330084

    Re: Isa 2000 & SSL Port

    Fraid not, I know very little about ISA 2000. If it was 2004/6 or TMG I could help more. Dumber may be able to help though.

    Avatar
    Si_Pe
    Member
    #278228

    Re: Isa 2000 & SSL Port

    cruachan;231362 wrote:
    Fraid not, I know very little about ISA 2000. If it was 2004/6 or TMG I could help more. Dumber may be able to help though.

    Thanks for your help!

    Avatar
    Si_Pe
    Member
    #278229

    Help with script

    Hello all,

    I am trying to get a script to work to add a new SSL port into ISA 2000 but I cannot get it to work at all. Now I haven’t got the best knowledge when it comes to this sort of thing so wondered if someone could help me out?

    I have another post in the General network section but I hope I don’t get abused for posting again but I know know what I need to do but can’t get the script to work.

    Can someone help?

    The script I need to make is below.

    Code:
    set isa=CreateObject(“FPC.Root”)
    set tprange=isa.GetContainingArray.ArrayPolicy.WebProxy.TunnelPortRanges
    set tmp=tprange.AddRange(“SSL 444”, 444, 444)
    tprange.Save

    The ports I want to add are 444

    The above was taken from here – http://support.microsoft.com/default.aspx?scid=kb;en-us;283284

    Thanks!

    Avatar
    Wired
    Moderator
    #274023

    Re: Help with script

    Threads merged.

    Since that’s vBScript, copy that stuff, put into a text file, then rename the *.txt file to *.vbs file. Either double click it or run in a command window (the latter’s better in case an error pops up).

    Avatar
    Si_Pe
    Member
    #278230

    Re: Help with script

    Wired;231565 wrote:
    Threads merged.

    Since that’s vBScript, copy that stuff, put into a text file, then rename the *.txt file to *.vbs file. Either double click it or run in a command window (the latter’s better in case an error pops up).

    Thanks for your help, I will post my results!

    Thanks for merging the thread too!

    Avatar
    Si_Pe
    Member
    #278231

    Re: Isa 2000 & SSL Port

    Hi,

    I have tried to run the script and have got the below error, could anyone help?

    ErrorISA.jpg

    Thanks,
    Simon

    Rems
    Rems
    Moderator
    #227943

    Re: Isa 2000 & SSL Port

    try:

    Code:
    newRangeName = “SSL 444”
    newTunnelPort = CDbl(444)

    set isa=CreateObject(“FPC.Root”)

    Set isaArray = isa.GetContainingArray()
    Set tpRange = isaArray.ArrayPolicy.WebProxy.TunnelPortRanges

    set tmp = tprange.AddRange(newRangeName,newTunnelPort,newTunnelPort)

    tprange.Save

    Avatar
    Si_Pe
    Member
    #278232

    Re: Isa 2000 & SSL Port

    I have fixed it, whoop Whoop!

    The script needed set in front of the tprange, not sure how I managed it as copied it from the MS document.

    set isa=CreateObject(“FPC.Root”)
    set tprange=isa.Arrays.GetContainingArray.ArrayPolicy.WebProxy.TunnelPortRanges
    set tmp=tprange.AddRange(“SSL 444”, 444, 444)
    tprange.Save

    It works a treat after restarting the ISA services.

    Thanks for your help!

    Avatar
    Si_Pe
    Member
    #278233

    Re: Isa 2000 & SSL Port

    Rems;231634 wrote:
    try:

    Code:
    newRangeName = “SSL 444”
    newTunnelPort = CDbl(444)

    set isa=CreateObject(“FPC.Root”)

    Set isaArray = isa.GetContainingArray()
    Set tpRange = isaArray.ArrayPolicy.WebProxy.TunnelPortRanges

    set tmp = tprange.AddRange(newRangeName,newTunnelPort,newTunnelPort)

    tprange.Save

    Thanks,

    I had noticed I was missing a “set”

    Thanks for reply!

    Avatar
    Dumber
    Participant
    #201602

    Re: Isa 2000 & SSL Port

    Glad it worked, but when you are going to migrate, move to TMG straight away.

    Edit: moved to General Security, since it belongs to a security product… well, “security”

    Avatar
    Si_Pe
    Member
    #278234

    Re: Isa 2000 & SSL Port

    Dumber;231641 wrote:
    Glad it worked, but when you are going to migrate, move to TMG straight away.

    Edit: moved to General Security, since it belongs to a security product… well, “security”

    Will do!

    Thanks again!

Viewing 15 posts - 1 through 15 (of 15 total)

You must be logged in to reply to this topic.