Upgrade your Internet Experience
Microsoft.com
Welcome Sign in
Resources for IT Professionals
Click to Rate and Give Feedback
TechNet
TechNet Library
TechNet Archive
ISA Server 2000
Concepts
Authentication
 SSL tunneling

  Switch on low bandwidth view
SSL tunneling
Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

With Secure Socket Layer (SSL) tunneling, a client can establish a tunnel through the Microsoft Internet Security and Acceleration (ISA) Server directly to the Web server with the requested Secure Hypertext Transfer Protocol (HTTPS) object. Whenever a client browser requests an HTTPS object through ISA Server, it uses SSL tunneling.

The figure illustrates the SSL tunneling process:

  1. When a client requests an SSL object from a Web server on the Internet, ISA Server sends the connect request

    https://URL_name

  2. The following request is sent to port 8080 on the ISA Server computer:

    CONNECT URL_name:443 HTTP/1.1

  3. ISA Server connects to the destination Web server on port 443.

  4. When the TCP connection is established, the ISA Server returns:

    HTTP/1.0 200 connection established

From that point on, the client communicates directly with the external Web server.

SSL tunneling works by default for outgoing client requests to ports 443 and 563. You can add SSL tunneling for additional ports by setting FPCProxyTunnelPortRange, an ISA Admin COM object. For more information, see the ISA Server Software Development Kit.

© 2009 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks | Privacy Statement
Page view tracker