# connect on work ISA server

## Rhiakath

hello again.

At work, I installed gentoo. Everybody uses windows, but I need linux for some projects.

Unfortunately, it means nobody knows how to configure network stuff, and that's where you network guru's enter.

Apparently, I can only use ssh, if i connect to an ISA server and authenticate (I have no idea what I'm talking about, so cut me some slack here, ok?)

Right now, I have basic web-browsing, no MSN or Googletalk, no POP3, no SSH, nickles. niente. Zilch.

So, this is what happens when I try to ssh to another pc outside of the network.

```

rhiakath@gentoo-box-kde ~ $ ssh my-home-linux-box

Proxy could not open connnection to my-home-linux-box:  Proxy Error ( The specified Secure Sockets Layer (SSL) port is not allowed. ISA Server is not configured to allow SSL requests from this port. Most Web browsers use port 443 for SSL requests.  )

ssh_exchange_identification: Connection closed by remote host

rhiakath@gentoo-box-kde ~ $ 

```

now, this works if i run gentoo in a virtualbox inside windows. also, putty for windows is able to connect, with no extra configuration. I just installed it and i connected.

So, I guess this ISA server is going to give me some headaches. How do I solve this?

Thanks.

----------

## eulogious

Hello,

So the first thing that pops into my mind when I read this is authentication.  If you work is anything like my work, which is all windows 2008 based now, then ISA is probably integrated into your user id, meaning that you have certain permissions to be able to do certain things, once you get authenticated with the ISA server using your userid and passwd.  I could be wrong, but when you say you can do it inside of windows in a virtual machine, this is the first thing I think of.

Maybe try installing and configuring a LDAP client so you can authenticate with your work user id and passwd, and maybe the ISA server will let you access the ports you need once you are authenticated?  IDK, this is just a guess, but it's the first thing that pops into my mind...

So on that note, how is the windows computer that you run the VM of gentoo different from the actual gentoo machine?  

Maybe the ISA server is using some sort of IP/MAC address filtering which is preventing you from accessing those ports as well?  If that's the case, then your "network guys" will have to allow your machine access to the ISA firewall.  

To me it sounds like your issues have something to do with authentication at the ISA firewall and that is what is preventing you from accessing what you need to.

----------

## Rhiakath

You are so right, it puts a smile on my face.

Yes, this is an authentication issue.

The problem is, I can kinda access the ldap.

for example, when i use kontact to access the ldap server, it begins to download the contact list, and then fails with an  error saying I must authenticate.

The windows host with gentoo in vm is different in that all communications are done through the ethernet card AFTER windows has already registered it on the ISA, and authenticated. So, Windows authenticates on the ISA server, and then the gentoo vm uses the host network. that's all, and as such, works. I just need something to do what the windows firewall client does at boot, I suppose. I don't know if Windows Firewall Client keeps authenticating thru the whole session. I tried running it with wine, but no luck.

Since this is the same machine, It should not be an IP/Mac issue. My VirtualBox gentoo machine is actually a whole partition, which is what i'm using right now. The only difference is, I booted directly into gentoo, instead of booting windows and then starting the vm with this partition.

----------

## eulogious

Well I am glad that I could at least point you in the right direction!

So it would seem that ISA is somehow needing authentication to work properly, and unfortunately I have not really messed around with LDAP in the linux world at all.  It's something on my to-do list, since I will need it for all my linux boxes once I get them up and running to be able to access certain resources on my work's network as well.  But I haven't really even looked at how to go about it yet   :Confused: 

So I would start by looking at LDAP and figuring out how to get the linux machine to get authentication from the windows domain.  Hopefully one of the network guru's will chime in about doing that...

Good luck man!  I will be watching and seeing what you come up with, and if I can think of something, I will let you know!

----------

