Hi Michael, That is true, because the UPS software isn't able to use the autoconfiguration script, so its not aware of Direct Access configurations. HTH< Tom -----Original Message----- From: Michael Weber [mailto:mweber@xxxxxxxxxxxx] Sent: Tuesday, January 20, 2004 12:43 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: UPS Worldship http://www.ISAserver.org The HTTP Redirector Filter is set to "send request to server." The outgoing web requests has integrated authentication. I'm confused now. If I tell Worldship to access the proxy server then it will access the proxy server, not the firewall client, because I told it to access the proxy server. So the HTTP redirector filter will not be in play. Is that not right? However, from your UPS log it seems that even though you have the proxy server enabled in UPS, UPS is bypassing the proxy and using the firewall client. Yes -- I have seen that log when I'm not behind the ISA server (laptop dial-up). Michael Weber Director of Engineering XT Racing 1065B Nine North Dr Alpharetta, GA 30004 Phone: 770-992-3795 Fax: 678-990-7920 -----Original Message----- From: Fares Rihani (Personal) [mailto:Fares@xxxxxxxxxx] Sent: Tuesday, January 20, 2004 1:15 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: UPS Worldship http://www.ISAserver.org I am getting unreliable connects to www.uoss.ups.com here as well. But when a connect goes through all is smooth. I would check the HTTP Redirector Filter settings (send request to server) and make sure the client is secureNat or a Firewall client. Also, under Outgoing web requests, is the listener set to Integrated authentication (or maybe try enabling basic with domain "\")? It just seems like your ssl request is not getting through. Here is a successful http trace: 01/20/2004 Host IP address = (153.2.73.100) 01/20/2004 SSL Handshake successful. 01/20/2004 cipher = RC4-40, keySize = 128, secretKeySize = 40 subject = CN=www.uoss.ups.com, OU=Customer Automation, O=United Parcel Service, L=Mahwah, ST=New Jersey, C=US 01/20/2004 Connection successful. 01/20/2004 Connect: Unlocked. 01/20/2004 Sending HTTP request... Fares Rihani -----Original Message----- From: Michael Weber [mailto:mweber@xxxxxxxxxxxx] Sent: Tuesday, January 20, 2004 12:52 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: UPS Worldship http://www.ISAserver.org I am running that version, and that is the article I followed. The only other weird thing that is happening is that when I try to access https://www.uoss.ups.com/ from IE I sometimes get a 403 error, sometimes I get the login screen, and sometimes I get an internal UPS website error ("A recursive error was detected"). It seems to me that I should never get an error if I just try to access the site from a web browser. Michael Weber -----Original Message----- From: Fares Rihani (Personal) [mailto:Fares@xxxxxxxxxx] Sent: Tuesday, January 20, 2004 12:36 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: UPS Worldship http://www.ISAserver.org Michael, Make sure you are running the latest version. I have no problems running under 5.0.37. I had connection problems before upgrading so it is worth a shot. Here is the article for direct connection that I used. http://www.isaserver.org/tutorials/Configuring_Web_Proxy_Clients_for_Dir ect_Access.html Is that how you configured your setup? Fares Rihani -----Original Message----- From: Michael Weber [mailto:mweber@xxxxxxxxxxxx] Sent: Tuesday, January 20, 2004 12:40 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: UPS Worldship http://www.ISAserver.org I do have the direct connection in UPS enabled, and I have tried it with a proxy and without. With the proxy enabled, I still get the "Peer's certificate has an invalid signature" error. It just occurs after a connection to the proxy server is made. The entry in the web proxy ISA log says that it made the connection; however, it returns a 64 error code (The specified network name is no longer available). Michael Weber 192.168.0.26, anonymous, ICCTest_http/1.0, N, 1/20/2004, 12:02:26, w3proxy, <server>, -, www.uoss.ups.com, 153.2.73.100, 443, 0, 52, 1752, SSL-tunnel, TCP, -, www.uoss.ups.com:443, -, Inet, 64, 0x0, Internal access, Allow rule ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: fares@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: mweber@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: fares@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: mweber@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')