In article , RG wrote: :I don't have acces to the proxy server, but wanted to get some info on it.
:The proxy service is listening to the https requests from internal clients :on port 443. Would I be able to establish https over a different port i.e. :
Can the administrator control which https :ports I am alowed to access?
It depends what you mean.
The PIX is (when appropriately configured) able to forward https received on any arbitrary port, to any arbitrary port. As far as the PIX is concerned, https is just an arbitrary binary stream that could be anything.
However, if you want the PIX to intercept https and interpose authentication -at the PIX level-, then if memory serves me properly then it must be on port 443, at least up through PIX 6.3.
:If windows instant messanger is communicating via TLS over port 443, is :there a way to configure it to use cisco proxy?
All traffic goes through the PIX proxy: you can't turn it off. However, the PIX proxy doesn't do much that you normally think of for a proxy service. The PIX proxy handles things like packet reassembly and sequence number randomization and blocking IP options and (if so configured) completing the 3-way handshake back to the originator before the destination system is contacted [helps reduce DoS from forged IP addresses.] The PIX proxy does not, though, do any caching.