It is not.
So I will stay with the Forward non AD Zone of board.imcu.com and make
everyone on the inside happy.
--------------------------------------------------
From: "Ben Scott" <[email protected]>
Sent: Monday, November 16, 2009 3:57 PM
To: "NT System Admin Issues" <[email protected]>
Subject: Re: https and certs issues
On Mon, Nov 16, 2009 at 3:20 PM, David W. McSpadden <[email protected]>
wrote:
Routers and Firewall are managed by third parties.
I believe the problem with the rule in the ASA is not really the asa's
fault.
...
Internally I needed to https://10.0.x.x to get to the site.
It really should be possible to have an external IP that is NAT'ed
back to the inside still work from inside. But, reading between the
lines in the above, I'm guessing that the firewall config is done by
some entity which doesn't easily respond to your needs. So perhaps
you cannot get your firewall fixed. Of course, that just begs the
question, "Shouldn't you get a better firewall provider?"...
If I https://board.imcu.com IE8 would sit for about 180 seconds and then
say
webpage can not be displayed.
MSIE says "Page could not be displayed" for damn near everything.
"telnet board.imcu.com 443" might yield better diagnostics. But given
other info in this thread, I'd bet you're just going to get a timeout
error. That's symptomatic of packets being dropped on the floor,
which is what happens when you have a router which isn't routing.
If I drop the lookup zone and just add an A record to my AD will it do
the
same thing???
If your Active Directory domain name is the same as <imcu.com>, yes.
-- Ben
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
