Take a look at your filter settings - what part of the URL might match one of them? That URL include a session identifier; everything after "&krypto=mfxq1nTSMWh0shUQOLdqekZxx8aozrkWIFqse0LeL0zGl%2FNNJmka%2F2Na9dd BYsO" If you go there with that data, you'll get a "logged out" response - I did. Do you have any 3rd-party plug-ins running? -------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! -------------------------------------------- -----Original Message----- From: Steve Moffat [mailto:steve@xxxxxxxxxx] Sent: Tuesday, December 13, 2005 6:21 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Creating a custom HTTP protocol http://www.ISAserver.org I just had a go at it as well...It was rejected by the HTTP filter. Technical Information (for support personnel) * Error Code: 502 Proxy Error. The request was rejected by the HTTP filter. Contact your ISA Server administrator. (12217) * IP Address: 72.246.122.125 * Date: 12/13/2005 2:20:21 PM * Server: macros.optimum.bm * Source: web filter ________________________________ From: Rob Moore [mailto:RMoore@xxxxxxxx] Sent: Tuesday, December 13, 2005 10:01 AM To: ISA Mailing List Subject: [isalist] RE: Creating a custom HTTP protocol http://www.ISAserver.org Not as far as I know--I've never bought anything off their website. When I try to go to www.staples.com, the site doesn't load (with the error as originally described below). If I try a second time from the same IE window, though, it does load. One perhaps interesting thing: When I first go to www.staples.com, the URL of the page that tries to load is actually http://www.staples.com/webapp/wcs/stores/servlet/home?storeId=10001&lang Id=-1&krypto=mfxq1nTSMWh0shUQOLdqekZxx8aozrkWIFqse0LeL0zGl%2FNNJmka%2F2N a9ddBYs0O. When I try getting there a second time, the page that actually loads is just plain old www.staples.com. Rob ________________________________ From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Monday, December 12, 2005 9:55 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Creating a custom HTTP protocol http://www.ISAserver.org Hi Rob, What part of the Staples site doesn't work? I can get there with no problems. Do I have to buy something? Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls **Who is John Galt?** ________________________________ From: Rob Moore [mailto:RMoore@xxxxxxxx] Sent: Monday, December 12, 2005 9:30 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Creating a custom HTTP protocol http://www.ISAserver.org Between snow days and other stuff, it's taken me a while to get this fully tested. Now I'm getting access to the Staples website to work, but in a rather quirky way. In addition to the four steps I originally mentioned below, I've now also configured the site for direct access. (To do this I opened the Internal network, went to the Web Browser tab, and made an entry for Staples--*.staples.com--in the "Directly access these servers or domains" section.) I've configured my computer to use the autoconfig script. I've tried accessing the Staples website both with and without the Firewall Client software installed. Behavior is the same either way. What happens now is when I try to access the Staples website I get the usual error (actually, it's slightly different--now instead of getting the official ISA orange/yellow one that had more detail, now I get a much more generic-looking one, but with the same essential error: "Error Code: 500 Internal Server Error. The request was rejected by the HTTP filter"). If I then put the address back into the address bar, I connect to the Staples website no problem. When I look at the logs, all the entries for my attempted access go through my generic "access to the Internet" rule--the one that allows most web traffic to most people. None of the traffic is being looked at by my new "access to Staples" rule, which is above the generic rule. I do get a few "Access Denied" entries (Blocked by the HTTP security filter: the response content is encoded and cannot be scanned). Any thoughts about what might be going on now? Thanks, Rob ________________________________ From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Wednesday, December 07, 2005 11:27 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Creating a custom HTTP protocol http://www.ISAserver.org Hi Rob, You also have to configure the site for Direct Access, since Web proxy clients will always be Web proxy filter clients. The Direct Access config will bypass the Web proxy client config and enable the Firewall client to handle the connection. And since the Web proxy filter is unbound from the HTTP protocol, the Firewall client connection won't be passed up to the filter. Remember that you need to configure the client to use the autoconfig script if you want the direct access settings configured on the ISA firewall to be applied. HTH, Tom Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls **Who is John Galt?** ________________________________ From: Rob Moore [mailto:RMoore@xxxxxxxx] Sent: Wednesday, December 07, 2005 10:18 AM To: [ISAserver.org Discussion List] Subject: [isalist] Creating a custom HTTP protocol http://www.ISAserver.org Hello all-- I'm trying to allow traffic to a particular website that's getting blocked by the HTTP filter. To do this, sometime ago I got advice on this list to "create a custom HTTP protocol def, and not bind it to the Web Proxy filter, then make sure that allows access only to the site that uses that protocol." I've tried doing that with no luck. I'm assuming I've not done it correctly. These are the steps I've taken: 1. Created a user-defined protocol (HTTP Staples) for outbound traffic on Port 80. 2. Did not check the Web Proxy application filter for this protocol (I have a feeling this is my error). 3. Created a URL set for the website (http://www.staples.com/* <http://www.staples.com/*> ). 4. Created an access rule above the regular "access to external network" rule, that uses the custom protocol, and allows traffic from All Protected Networks to the Staples URL set for all users. It doesn't work. I still get the same error, "Blocked by the HTTP security filter: the response content is encoded and cannot be scanned". Where did I go wrong? Thanks, Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Rob Moore Network Manager 215-241-7870 Help Desk: 800-500-AFSC ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: rmoore@xxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: rmoore@xxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: isalist@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned.