TMG: 12204 The specified Secure Sockets Layer (SSL) port is not allowed.

Владимир Демянович
02.12.2014

Дословно ошибка звучит так:

12204 The specified Secure Sockets Layer (SSL) port is not allowed. Forefront TMG is not configured to allow SSL requests from this port. Most Web browsers use port 443 for SSL requests. 

Нужно "добавить" ваш не стандартный SSL порт с помощью vbs-скрипта.

Покажу пример скрипта, который добавляет порт 9443 в качестве SSL порта:

set isa=CreateObject("FPC.Root")
set tprange=isa.GetContainingArray.ArrayPolicy.WebProxy.TunnelPortRanges
set tmp=tprange.AddRange("SSL 9443", 9443, 9443)
tprange.Save

После запуска скрипта перезапустите службу "Windows  Firewall" или "Microsoft Firewall Service".

Посмотреть список уже добавленных портов можно с помощью этого скрипта:

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' Copyright (c) Microsoft Corporation. All rights reserved.
' THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE
' RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE
' USER. USE AND REDISTRIBUTION OF THIS CODE, WITH OR WITHOUT MODIFICATION, IS
' HEREBY PERMITTED.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' This script retrieves the collection of tunnel port ranges defined in the
' containing array, iterates through the collection, and displays the names
' and port ranges for the tunnel port ranges.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
Sub ShowTPRanges()

    ' Create the root object.
    Dim root  ' The FPCLib.FPC root object
    Set root = CreateObject("FPC.Root")

    ' Declare the other objects needed.
    Dim isaArray     ' An FPCArray object
    Dim tpRanges     ' An FPCTunnelPortRanges collection
    Dim tpRange      ' An FPCTunnelPortRange object

    ' Get references to the array object
    ' and the collection of tunnel port ranges.
    Set isaArray = root.GetContainingArray()
    Set tpRanges = isaArray.ArrayPolicy.WebProxy.TunnelPortRanges

    ' If at least one tunnel port range is defined in the  
    ' collection, display the names and port ranges for all
    ' the tunnel port ranges.
    If tpRanges.Count > 0 Then
        For Each tpRange In tpRanges
            WScript.Echo tpRange.Name & ": " & tpRange.TunnelLowPort & _
                "-" & tpRange.TunnelHighPort
        Next
    Else
        WScript.Echo "No tunnel port ranges are defined."
    End If
End Sub

ShowTPRanges

Удалить уже добавленные порты можно с помощью следующего скрипта:

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' Copyright (c) Microsoft Corporation. All rights reserved.
' THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE
' RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE
' USER. USE AND REDISTRIBUTION OF THIS CODE, WITH OR WITHOUT MODIFICATION, IS
' HEREBY PERMITTED.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' This script deletes the specified tunnel port range.
' This script can be run from a command prompt by entering the
' following command:
'     CScript DelTPRange.vbs RangeName
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
Option Explicit

' Define the constant needed.
const Error_FileNotFound = &H80070002

Main(WScript.Arguments)

Sub Main(args)
    If(args.Count <> 1) Then
        Usage()
    Else
       DelTPRange args(0)
    End If
End Sub

Sub DelTPRange(rangeName)

    ' Create the root object.
    Dim root  ' The FPCLib.FPC root object
    Set root = CreateObject("FPC.Root")

    'Declare the other objects needed.
    Dim isaArray     ' An ISA Server array object
    Dim tpRanges     ' An FPCTunnelPortRanges collection

    ' Get a reference to the array and to
    ' the collection of tunnel port ranges.
    Set isaArray = root.GetContainingArray()
    Set tpRanges = isaArray.ArrayPolicy.WebProxy.TunnelPortRanges

    ' Delete the specified tunnel port range.
    On Error Resume Next
    tpRanges.Remove(rangeName)
    If Err.Number = Error_FileNotFound Then
        WScript.Echo "The tunnel port range specified could not be found."
        WScript.Quit
    Else
        WScript.Echo "Removing the tunnel port range specified ..."
    End If
    On Error GoTo 0

    ' Save the changes to the collection of tunnel port ranges
    ' with fResetRequiredServices set to True to restart the Firewall service.
    tpRanges.Save True

    WScript.Echo "Done!"
End Sub

Sub Usage()
    WScript.Echo "Usage:" & VbCrLf _
        & "  " & WScript.ScriptName & " RangeName" & VbCrLf _
        & "" & VbCrLf _
        & "  RangeName - Name of the tunnel port range to be deleted"
    WScript.Quit
End Sub

Еще может пригодиться это:

forums.isaserver.org/m_2002068049/mpage_1/key_/tm.htm#2002068049

www.isaserver.org/articles/2004tunnelportrange.html

Там есть ссылка на некий GUI, но мне больше понравился vbs-скрипт.

     
 Возможно Вам будет интересно:
  1. Windows: Как узнать когда был сменен пароль локального пользователя? 
  2. VBS: автоматическая архивация логов 
  3. TMG (ISA): Публикация ссылок с русскими символами через Listener и 500-я ошибка 
Понравилось? =) Поделись с друзьями:
  
Опубликовано в рубрике Администрирование
Метки: , , 
« 
 »
  
Обсудить