+ Post New Thread
Results 1 to 11 of 11
Internet Related/Filtering/Firewall Thread, Smoothwall HTTPS in Technical; Hi All Just setup smoothwall as an internal proxy with ISA on the edge of the network. Seems to be ...
  1. #1
    jsnetman's Avatar
    Join Date
    Oct 2007
    Posts
    887
    Thank Post
    23
    Thanked 134 Times in 126 Posts
    Rep Power
    40

    Smoothwall HTTPS

    Hi All

    Just setup smoothwall as an internal proxy with ISA on the edge of the network. Seems to be working but we cannot access any HTTPS sites. My users are screaming for gmail. Smoothwall support is not open, I need info quick.

  2. #2


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,485
    Thank Post
    867
    Thanked 854 Times in 675 Posts
    Rep Power
    197
    Support agents are in - there should be someone on the end of a phone now

  3. #3


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,485
    Thank Post
    867
    Thanked 854 Times in 675 Posts
    Rep Power
    197
    On a more diagnostic note... I presume the smoothie is set up as a regular proxy?
    What's the failure mode for HTTPS?
    Is ISA an upstream proxy of the smoothwall?
    What's in the logs, both smoothie (info/logs/web filter) and ISA access logs?

  4. #4
    jsnetman's Avatar
    Join Date
    Oct 2007
    Posts
    887
    Thank Post
    23
    Thanked 134 Times in 126 Posts
    Rep Power
    40
    smoothwall Log

    :58:20 administrator http://mail.google.com/a/ntlp.org.uk 0 Warning OK (200)
    exception Exception site match
    8:58:20 administrator https://mail.google.com:443 0 Warning OK (200)
    exception Exception site match
    8:59:09 administrator http://mail.google.com/a/ntlp.org.uk 0 Warning OK (200)

    I switched off the proxy on ISA

  5. #5
    jsnetman's Avatar
    Join Date
    Oct 2007
    Posts
    887
    Thank Post
    23
    Thanked 134 Times in 126 Posts
    Rep Power
    40
    ISA Log, smoothwall being downstraem

    Failed Connection Attempt JS_WALL 28/09/2010 09:03:56
    Log type: Web Proxy (Forward)
    Status: 13 The data is invalid.
    Rule:
    Source: Internal (172.16.64.8)
    Destination: (lhr14s01-in-f83.1e100.net 173.194.36.83:443)
    Request:
    Filter information: Req ID: 08d8f126
    Protocol:
    User: anonymous

  6. #6


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,485
    Thank Post
    867
    Thanked 854 Times in 675 Posts
    Rep Power
    197
    So you are using ISA as an upstream proxy?
    First, one suggestion would be to not do that, and allow the smoothie direct network access through ISA's NAT.
    Second - it would seem that you *might* have ISA set up incorrectly - have you tried HTTPS proxy directly through ISA?

  7. #7
    jsnetman's Avatar
    Join Date
    Oct 2007
    Posts
    887
    Thank Post
    23
    Thanked 134 Times in 126 Posts
    Rep Power
    40
    HTTPs works directly through the ISA. Tom Holstock had a good hunt around the ISA server and did not seem to think it was misconfigured. But still no HTTPS when smothwall is enabled as the proxy and ISA straight through.

  8. #8


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,485
    Thank Post
    867
    Thanked 854 Times in 675 Posts
    Rep Power
    197
    Would it be possible to let the smoothie pass straight through?
    I've had a look round to see if I could find any info on "error 13" - it *could* be related to compression, but we don't turn that on...

  9. #9
    jsnetman's Avatar
    Join Date
    Oct 2007
    Posts
    887
    Thank Post
    23
    Thanked 134 Times in 126 Posts
    Rep Power
    40
    Would it be possible to let the smoothie pass straight through?
    I think Jason tried that and HTTPS works, but the way it was left is that it was not filtering anything.

  10. #10


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,485
    Thank Post
    867
    Thanked 854 Times in 675 Posts
    Rep Power
    197
    I can get Jason to put it back like that if that's helpful?

    We'll run this past a few proxy experts at some point soon and see if they can shed any light.

  11. #11
    jsnetman's Avatar
    Join Date
    Oct 2007
    Posts
    887
    Thank Post
    23
    Thanked 134 Times in 126 Posts
    Rep Power
    40
    I can get Jason to put it back like that if that's helpful
    No problem, I set it back to my old filtering system in the meantime Jason is going to ring and see if he can find a solution.

SHARE:
+ Post New Thread

Similar Threads

  1. Moodle entirely over https - how to?
    By tom1985 in forum Virtual Learning Platforms
    Replies: 12
    Last Post: 14th December 2010, 06:02 PM
  2. Smoothwall https blocking help
    By cookie_monster in forum Network and Classroom Management
    Replies: 1
    Last Post: 22nd January 2010, 12:14 PM
  3. Smoothwall Problem - Blocking Https sites
    By adhutton in forum Internet Related/Filtering/Firewall
    Replies: 2
    Last Post: 2nd October 2009, 09:56 AM
  4. No https:// requests can get through
    By Scotmk in forum Windows
    Replies: 21
    Last Post: 20th October 2008, 05:43 PM
  5. https Question. . .
    By maniac in forum Web Development
    Replies: 7
    Last Post: 6th January 2008, 07:17 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •