Hi, Can you please elaborate on how, exactly:
"----ISA/SGD/Internal Clients" Is laid out? Additionally, if you enable logging in ISA Server, and then test access using a non-local client, what do you see in the ISA Server logs? If you then compare to a local client accessing (via public IP) what's the difference in what you see in the logs? Cheers Ken -----Original Message----- From: Robert Jackson [mailto:r...@walkermartyn.co.uk] Sent: Tuesday, 9 February 2010 6:06 PM To: NT System Admin Issues Subject: RE: SSGD ISA 2006 Issues Hi Ken, It's more like the SGD server is behind the ISA Proxy. Our ISA server is really only used as a proxy server and not a full blown ISA protection device (if that makes sense). We don't have a dedicated DMZ. So the diagram becomes: Internet ------- HW F/W ---------- Network Switch(es) ------- ISA/SGD/Internal Clients TIA. -----Original Message----- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Tuesday February 2010 09:06 To: NT System Admin Issues Subject: RE: SSGD ISA 2006 Issues What is your actual network configuration? Internet <-> HW FW <-> SGD <-> ISA Proxy <-> Internal Client Or something else? Cheers Ken -----Original Message----- From: Robert Jackson [mailto:r...@walkermartyn.co.uk] Sent: Tuesday, 9 February 2010 4:13 PM To: NT System Admin Issues Subject: SSGD ISA 2006 Issues Does anyone know if ISA 2006 configuration changes are specifically required in order to get Sun's Secure Global Desktop operational? My scenario is this: We have a SGD server on our local LAN. A laptop on our local LAN can access SGD no problem using an internal ip address in the browser - as you would expect. The same laptop can access SGD with a public address in the browser (and going through an ISA 2006 server used as a proxy server). Again, the same laptop, on the local LAN, can by pass the ISA 2006 proxy server and using the public ip address access the SGD no problem. My issues occur when the laptop (or a different computer) not on the local LAN tries to access the SGD server using the public ip address. I keep getting the error: Cannot connect to the server <servername>:443 I can telnet on port 443 through the public ip address, so at least I know that traffic can pass through our front internet facing hardware firewall to the SGD server. Anyone have any ideas? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ************************************************************************ The information in this internet E-mail is confidential and is intended solely for the addressee. Access, copying or re-use of information in it by anyone else is unauthorised. Any views or opinions presented are solely those of the author and do not necessarily represent those of Walker Martyn Ltd or any of its affiliates. If you are not the intended recipient please contact administra...@walkermartyn.co.uk Walker Martyn Ltd, company number SC197533. Company is registered in Scotland and has its registered office at 1 Park Circus Place, Glasgow G3 6AH, UK. **************************************************************** ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~