Didn't get up to the site today. But I have made a little progress. The offending application is a proxy server type thing....it makes IE use 127.0.0.1:8080 I had the user removed the firewall client and had a bit of success. It would connect to one of the sites, but not the other. It's driving me batty. I hope to speak to a technician at the bank tomorrow, before I go onsite. S -----Original Message----- From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat Sent: Wednesday, July 12, 2006 6:01 PM To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: Does this array script look ok to you?? The list is fine...if it accepts attachments. -----Original Message----- From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison Sent: Wednesday, July 12, 2006 5:40 PM To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: Does this array script look ok to you?? ..or this alias, if you're so inclined... ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat Sent: Wednesday, July 12, 2006 13:24 To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: Does this array script look ok to you?? Yup...going there tomorrow......netmon 3 install. For testing purposes only of course. You want them direct to you? S -----Original Message----- From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison Sent: Wednesday, July 12, 2006 5:22 PM To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: Does this array script look ok to you?? If you can get craptures fro the successful / failing sessions, we might be able to figure it out... ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat Sent: Wednesday, July 12, 2006 13:13 To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: Does this array script look ok to you?? Well, the weird thing is, when I watch the ISA logs in real time, the "app traffic" is allowed, no denies, This is before IE is called. As I said, the bloody thing is intermittent.....consistently intermittent....really annoying. -----Original Message----- From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison Sent: Wednesday, July 12, 2006 5:06 PM To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: Does this array script look ok to you?? Does the "app" understand and use the wpad script? If not, you can educate IE all you want and the app will still fail. ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat Sent: Wednesday, July 12, 2006 12:59 To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: Does this array script look ok to you?? Itâs an electronic banking sign app that works over httpâ..hence *.bankofbermuda.com, The sign in app then calls IE. It sends a security token apparently and it is very intermittent as to whether it passes through ISA. ie Sometimes it does, sometimes it doesnât. Once into the app though, about 6 IE windows open, all with the same login page. I donât have netmon 3 on the server yetâneed to visit the site to do that. S From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder Sent: Wednesday, July 12, 2006 4:55 PM To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: Does this array script look ok to you?? What are you issues? Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls ________________________________ From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat Sent: Wednesday, July 12, 2006 1:55 PM To: isapros@xxxxxxxxxxxxx Subject: [isapros] Does this array script look ok to you?? I am having issues with some of the domains listed in the DirectIPâs section. Have I got this right? ISA 2K4 all up to date. //Copyright (c) 1997-2004 Microsoft Corporation BackupRoute="DIRECT"; UseDirectForLocal=true; function MakeIPs(){ this[0]="127.0.0.0"; this[1]="255.0.0.0"; this[2]="192.168.175.0"; this[3]="255.255.255.0"; this[4]="209.164.32.5"; this[5]="255.255.255.255"; this[6]="64.3.108.6"; this[7]="255.255.255.254"; this[8]="64.3.108.8"; this[9]="255.255.255.248"; this[10]="64.3.108.16"; this[11]="255.255.255.240"; } DirectIPs=new MakeIPs(); cDirectIPs=12; function MakeNames(){ this[0]="*.helpdesk.bldc.com"; this[1]="*.bankofbermuda.com"; this[2]="*.freerealtime.com"; this[3]="*.data.primate.com/*"; this[4]="data.primate.com/*"; this[5]="bankofbermuda.com/*"; this[6]="*.ebankline.bankofbermuda.com"; this[7]="*.clientaccess.bankofbermuda.com"; this[8]="*.bankofbermuda.com"; this[9]="*.helpdesk.bldc.com"; this[10]="*.ebankline.bankofbermuda.com"; this[11]="*.clientaccess.bankofbermuda.com"; this[12]="*.bankofbermuda.bm"; this[13]="*.data.primate.com"; this[14]="*.tritonh.bldc.com"; } DirectNames=new MakeNames(); cDirectNames=15; HttpPort="8080"; cNodes=1; function MakeProxies(){ this[0]=new Node("Bldcisa.TritonH.bldc.com",0,1.000000); } Proxies = new MakeProxies(); function Node(name, hash, load){ this.name = name; this.hash = hash; this.load = load; this.score = 0; return this; } function FindProxyForURL(url, host){ var hash=0, urllower, i, fIp=false, ip, nocarp=false, skiphost=false; var list, pl, j, score, ibest, bestscore, port=HttpPort; urllower = url.toLowerCase(); if((urllower.substring(0,5)=="rtsp:") || (urllower.substring(0,6)=="rtspt:") || (urllower.substring(0,6)=="rtspu:") || (urllower.substring(0,4)=="mms:") || (urllower.substring(0,5)=="mmst:") || (urllower.substring(0,5)=="mmsu:")) return "DIRECT"; if(UseDirectForLocal){ if(isPlainHostName(host)) fIp = true;} for(i = 0; i < cDirectNames; i++) if(shExpMatch(host, DirectNames[i])){ fIp = true; break;} if(cDirectIPs == 0){ if(fIp) return "DIRECT";} else{ ip = host; if(fIp) ip = dnsResolve(host); var isIpAddr = /^(\d+.){3}\d+$/; if(isIpAddr.test(ip)){ for(i = 0; i < cDirectIPs; i += 2){ if(isInNet(ip, DirectIPs[i], DirectIPs[i+1])) return "DIRECT";}} else if(isPlainHostName(host)) return "DIRECT"; } if(!skiphost) hash = HashString(host,hash); if(nocarp) hash = HashString(myIpAddress(), hash); pl = new Array(); for(i = 0; i<cNodes; i++){ Proxies[i].score = Proxies[i].load * Scramble(hash ^ Proxies[i].hash); pl[i] = i; } list = ""; for(j = 0; j < cNodes; j++){ bestscore = -1; for(i = 0; i < cNodes-j; i++){ score = Proxies[pl[i]].score; if(score > bestscore){ bestscore = score; ibest = i; }} list = list + "PROXY " + Proxies[pl[ibest]].name + ":" + port + "; "; pl[ibest] = pl[cNodes-j-1]; } list = list + BackupRoute; return list; } var h_tbl = new Array(0,0x10D01913,0x21A03226,0x31702B35,0x4340644C,0x53907D5F,0x62E0566A,0x72304F79,0x8680C898,0x9650D18B,0xA720FABE,0xB7F0E3AD,0xC5C0ACD4,0xD510B5C7,0xE4609EF2,0xF4B087E1); function HashString(str, h){ for(var i=0; i<str.length; i++){ var c = str.charAt(i); if (c==':' || c=='/') break; c = CharToAscii(c.toLowerCase()); h = (h >>> 4) ^ h_tbl[(h ^ c) & 15]; h = (h >>> 4) ^ h_tbl[(h ^ (c>>>4)) & 15]; h = MakeInt(h); } return h; } function Scramble(h){ h += ((h & 0xffff) * 0x1965) + ((((h >> 16) & 0xffff) * 0x1965) << 16) + (((h & 0xffff) * 0x6253) << 16); h = MakeInt(h); h += (((h & 0x7ff) << 21) | ((h >> 11) & 0x1fffff)); return MakeInt(h); } var Chars =" !\"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~âÂ???????????ÂÅÂÂ????????????ÂÅ? ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃà "; function CharToAscii(c){ return Chars.indexOf(c) + 32; } function MakeInt(x){ x %= 4294967296; if(x < 0) x += 4294967296; return x; } Thanks Steve This project is so important, we can't let things that are more important interfere with it. Steve Moffat Operations Director Optimum IT Solutions * Email: steve@xxxxxxxxxx ( Office:(441) 232-8849 ( Mobile: (441) 232-8849 Dedicated to proactively supporting our customers This email may contain confidential information. If you are not named on the addressee list, please take no action in relation to this email, do not open any attachment, and please contact the sender (details above) immediately. Information in this email is provided in good faith. If you are a customer of Optimum IT Solutions please refer to the terms and conditions which cover the provision of support and consulting services to you/your organization. If you are not corresponding in the course of, or in connection with a Optimum IT Solutions contract or program with its own terms and conditions, please note that no liability is accepted by Optimum IT Solutions for the contents of this mail. All mail to and from this domain is GFI-scanned. All mail to and from this domain is GFI-scanned. All mail to and from this domain is GFI-scanned.