If there comes a time to work with a Web site that uses a nonstandard SSL port for its setup, then ISA will not allow the Web browser on through to the site.
For those of us running ISA 2006 SP1 to protect our now migrated domains to SBS 2008, or to manage our client’s SBS 2008 domains where the Companyweb SharePoint site now uses port 987 for its SSL connections from within our ISA protected network, there will be a need to allow that port through ISA 2006 SP1.
The same need applies for those that need to connect to remote SBS 2008 Companyweb sites via SBS 2003 SP1 and R2 Premium networks protected by ISA 2004 SP3.
To correct this, a utility is needed to modify the allowed SSL ports list in ISA. We use the ISA Tunnel Port Editor (ISAtrpe) utility that can be had from the ISATools.org site: ISATools.org ISA 2004 downloads. The download is about 2/3 of the way down the list.
ISA Tunnel Port Editor
In the above screenshot, we are looking at a vanilla ISA 2006 SP1 install on Windows Server 2003 R2 Standard.
So, we would do the following to get things happening:
- LowPort: 987
- HighPort: 987
- TunnelPortName: SBSSharePoint
- Click the Add Tunnel Range button.
- Wait a minute or two.
- An “Added SBSSharePoint successful!” message will appear when done. Click the OK button.
- The newly added port should be listed in the ports list as shown below.
Note that if the port addition is done via an RDP session, the RDP session may be broken. It should be reestablished close to the end of the procedure.
ISA Tunnel Port Editor with Port 987 Added
Once the procedure has completed, close the Tunnel Editor.
Direct access, or access via the Remote Web Workplace, to any remote Companyweb SharePoint site will work after this.
Microsoft Small Business Specialists
*All Mac on SBS posts will not be written on a Mac until we replace our now missing iMac!