RE: Complex URLs?

  • From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 28 Oct 2005 17:29:18 -0700

Yes, there is more data.
What's the URL in the ISA logs?
What rule is quoted for the 403 response?

They use IP-access controls?!?
<snicker><chortle><chuckle><GUFFAW>
Yeh - that's the ticket - everybody behind your ISA is now seen as a
single-freakin'-user!

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Ball, Dan [mailto:DBall@xxxxxxxxxxx] 
Sent: Friday, October 28, 2005 10:30
To: [ISAserver.org Discussion List]
Subject: [isalist] Complex URLs?

Can someone please help me with this? 

We've been struggling with getting access to some state databases for a
couple of months now, but have been unsuccessful.  I've checked the ISA
logs, and all I see is an HTTP GET request going out, and the response
is a 403 Forbidden.  There are no other packets to analyze... 

Finally, we got a response from their tech center, only by chance, in
the e-mail forwarding shuffle.  Here is what they said:

---------------------------------
Can you check with the library that is trying to connect to see if they
are behind a firewall that might be limiting their access?

The following are the lines from the error log where the IP you sent
tried to access the GRGM resource:
1012101716:23196:28201:GET /itweb/lom_accessmich?db=GRGM:24.213.58.250:80:web:public:0:1
1012101727:23196:28308:GET /ips/start.do?userGroupName=lom_accessmich&prodId=IPS&DB=SPN.SP01_SPN.SP02_HRCA_GRGM_CDB_EAIM_GBFM_ITOF_LT_STOJ_STOM_SPJ.SP05_GVRL-0:24.213.58.250:80:web:public:0:1
---------------------------------

The strange part is that I see nothing in our logs about these URLs.
They are using a new "gateway" system now, where it checks your IP
against their list.  If your IP is authorized, they let you through; if
it isn't on the list, it is supposed to prompt you for your driver's
license number instead.


