Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsIT Pro and developersBank Websites and ISA2004
networkn

Networkn
32862 posts

Uber Geek
+1 received by user: 15453

ID Verified
Trusted
Lifetime subscriber

#63238 23-Jun-2010 09:18
Send private message

Hi There!

We have a couple of sites that use banking sites like asbbank.co.nz and bnz and the problem we are having is getting a rule that works within ISA 2004.

Are there any specific guidelines?

At this point despite having some VERY general wildcard rules, we can't even get the website's front pages to load.

Any assistance greatly appreciated.

Create new topic
paulspain
417 posts

Ultimate Geek
+1 received by user: 25

Trusted
Lifetime subscriber

  #344454 23-Jun-2010 09:44
Send private message

I haved used ISA Server for years and don't recall any specific issues with banking sites, however that is a really old version now.

A look at ISAServer.org found this which may be relevant:
http://www.isaserver.org/tutorials/onlinebanking.html

With ISA being ba secrity product I would suggest running the latest release - which is Forefront Threat Management Gateway 2010 and is excellent.




Paul Spain
Founder: Gorilla Technology, NZ Tech Podcast



BlakJak
1330 posts

Uber Geek
+1 received by user: 735

Trusted

  #344701 23-Jun-2010 22:54
Send private message

The ISA course I did last year still used text books based on ISA 2004 (but taught ISA 2006).

No problems making Internet Banking work. Surprised you're having troubles, to be honest.




No signature to see here, move along...

Regs
4066 posts

Uber Geek
+1 received by user: 206

Trusted
Snowflake

  #344705 23-Jun-2010 23:11
Send private message

i do recall a couple of years back that some of the banks were doing weird things with their configurations, and that was breaking some firewalls. i cant recall exactly what the problems were, but you might be able to find something searching the nznog archives http://list.waikato.ac.nz/pipermail/nznog/




Sales Engineer
Snowflake
www.snowflake.com

about.me/nzregs
Twitter: @nzregs



insane
3324 posts

Uber Geek
+1 received by user: 1006

ID Verified
Trusted
2degrees
Subscriber

  #344725 24-Jun-2010 02:28
Send private message

This may well be completely unrelated but do check your MTU settings on your connection. Sites which require SSL need to be able to transfer large packet payload sizes.

I'll 2nd/3rd what has been said above, it's unlikely to be a firewall rule unless you're doing something very wrong :)

BlakJak
1330 posts

Uber Geek
+1 received by user: 735

Trusted

  #344833 24-Jun-2010 11:22
Send private message

Most problems were derived from broken firewalls blocking ICMP and preventing PMTU from working properly, IIRC.  ISA is pretty good at keeping SSL working out of the box, though.




No signature to see here, move along...

Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright