www.infralib.com

www.infralib.com
Please visit my new site http://www.infralib.com for my and other authors' newer posts, articles. We will also have forums, videos, webcasts and etc.

Thursday, 19 May 2011

Adding/Accessing different HTTPS ports with ISA Server 2006

You will get the error below when you try to create a connection to HTTPS by using a different port than 443. This is very normal behaviour of ISA because the port you want to use is not in the range of TunnelPorts, (TunnelPortRanges)

HTTP/1.1 502 Proxy Error (The specified Secure Sockets Layer (SSL) port is not allowed. ISA Server is not configured to allow SSL requests from this port. Most Web browsers use port 443 for SSL requests.)

But you can easily add necessary ports to TunnelPortRanges by the help of a very simle VB script, to do it create a clean vbs file and paste the code below to your vbs, and change the port numbers as you wish, example code is for port 8443, save and run the vbs. It will add the port you have written to TunnelPortRanges, you will need to restart Firewall Service to apply and activate your new port.

set isa=CreateObject("FPC.Root")
set tprange=isa.GetContainingArray.ArrayPolicy.WebProxy.TunnelPortRanges
set tmp=tprange.AddRange("SSL 8443", 8443, 8443)
tprange.Save


You can also use the vbs below to list ranges.
set isa=CreateObject("FPC.Root")
Dim tpRanges, tpRange

Set tpRanges = isa.GetContainingArray.ArrayPolicy.WebProxy.TunnelPortRanges

If tpRanges.Count > 0 Then
    For Each tpRange In tpRanges
    WScript.Echo tpRange.Name & " : " & tpRange.TunnelLowPort & "-" & tpRange.TunnelHighPort
    Next
Else
    WScript.Echo "No tunnel port ranges are defined."
End If


No comments: