Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cannot access https website

Status
Not open for further replies.
wenhua1306

wenhua1306

MIS
Oct 1, 2003
15
0
0
TW
I had my ISA server installed in chahe mode. Protocol rules and content type rules are both configured to allow HTTP & HTTPS. The http requests are just fine, but https didn't work. I am new to ISA server, hope some of you can help me out...

Edward C.
 
Sort by date Sort by votes
ISA Server does not chache https sites but does a bypass so in theory there should not be a problem with that. I have noticed though that I cannot get through to some https sites. There appears to be some sort of issue between ie6 isa server and certain secure sites. I put on ie 5 and had no problems. What browser are you using.
Dave
 
Upvote 0 Downvote
Thank you, Dave. Ie5 & ie6 are the same in my case. But I nearly solve this issue. I installed another server in integrated mode for testing. The newly installed server has only one NIC. Strangely, the problem disapeared. I wonder if it relates to multi-homed machine.

My production server has two NICs. One attached to internal and the other to internet directly. Do you have any suggetion for furthur action ?

Edward C.
 
Upvote 0 Downvote
Make sure that isa is binding to the nic with the gateway probably the internal one and see if that helps.
Dave
 
Upvote 0 Downvote
Dear IT Folks

Problem:
I have DSL access via Verizon and use a LinkSys Router to give internet access to 5 machines in my network.

My NT Server works just fine and I have access to and my ATT.com billing access. However, my Win2k systems would time out and diplay the "Page cannot be accessed" error message. However, some other HTTPS sites gave me full access within seconds.

Resolution:
I changed the MTU (Maximum Transmission Unit) setting on the LinkSys Firewall from default to 1300 and that fixed all my problems.

Analysis:
After 2 weeks of intensive research I believe I came to a proper resolution.

Every node on the internet (Routers, firewalls, switches) have a certain packet size allowance.

The size of data that transfers through the internet depends on the following:
  1. It comprises of the way the programming code have been written for the website by differnet developers.
  2. It depends on the kind of webservers that are hosting the website you're trying to access. What is their defauly ACK and N-ACK settings.
  3. It depends on the length of the strings that are passed in the packets.
  4. It depends on the capacity of the internet routers/firewalls which give passage to the data.
  5. Finally it depends on the encryption overhead that each packet has to endure based on the SSL that is being used.

Bottom line is that to fix the timing out of "HTTPS" sites will depend on you to set the size of your MTU transmission to 1300 (or by hit or miss to a workable number).

Thanks
Shawn B.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
167
Shmid
Shmid
ISDPCMAN
  • Locked
  • Question
Cannot connect to TZ-215 Sonicwall appliance with web browser!
Replies
0
Views
48
ISDPCMAN
ISDPCMAN
DivemasterBill
  • Locked
  • Question
Cannot connect via the SonicWall Login webpage
Replies
0
Views
39
DivemasterBill
DivemasterBill
gbayi_omo
  • Locked
  • Question
Cisco ASA 5505 not allowing access to highest security zone
Replies
0
Views
48
gbayi_omo
gbayi_omo
BluffPlace
  • Locked
  • Question
Add a website to go through Site 2 Site VPN
Replies
1
Views
51
PScottC
PScottC

Part and Inventory Search

Sponsor

Back
Top