Hey Steve, Your Direct Access list looks like it has both IP addresses and names. BTW -- I'd hardly call a NATbox a "firewall" :\ If the browser configured to use HTTP 1.1 through proxy connections? Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls ________________________________ From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat Sent: Wednesday, July 12, 2006 3:08 PM To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: Does this array script look ok to you?? Hi Tom Well thatâs the rubâ..I had the guy that uses it try it 30 minutes ago and it worked fine. Had him close down the session again, and try to login againâ.no joy. Itâs a pain in the ass. If however, he uses another internet connection, which is behind a gnatbox firewall, it works fine everytime. ISA ainât cacheing either, that was the first thing I turned offâ.:( S From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder Sent: Wednesday, July 12, 2006 5:04 PM To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: Does this array script look ok to you?? Hi Steve, Are you saying that your Direct Access list isn't doing what it expect to do? Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls ________________________________ From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat Sent: Wednesday, July 12, 2006 2:59 PM To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: Does this array script look ok to you?? Itâs an electronic banking sign app that works over httpâ..hence *.bankofbermuda.com, The sign in app then calls IE. It sends a security token apparently and it is very intermittent as to whether it passes through ISA. ie Sometimes it does, sometimes it doesnât. Once into the app though, about 6 IE windows open, all with the same login page. I donât have netmon 3 on the server yetâneed to visit the site to do that. S From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder Sent: Wednesday, July 12, 2006 4:55 PM To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: Does this array script look ok to you?? What are you issues? Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls ________________________________ From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat Sent: Wednesday, July 12, 2006 1:55 PM To: isapros@xxxxxxxxxxxxx Subject: [isapros] Does this array script look ok to you?? I am having issues with some of the domains listed in the DirectIPâs section. Have I got this right? ISA 2K4 all up to date. //Copyright (c) 1997-2004 Microsoft Corporation BackupRoute="DIRECT"; UseDirectForLocal=true; function MakeIPs(){ this[0]="127.0.0.0"; this[1]="255.0.0.0"; this[2]="192.168.175.0"; this[3]="255.255.255.0"; this[4]="209.164.32.5"; this[5]="255.255.255.255"; this[6]="64.3.108.6"; this[7]="255.255.255.254"; this[8]="64.3.108.8"; this[9]="255.255.255.248"; this[10]="64.3.108.16"; this[11]="255.255.255.240"; } DirectIPs=new MakeIPs(); cDirectIPs=12; function MakeNames(){ this[0]="*.helpdesk.bldc.com"; this[1]="*.bankofbermuda.com"; this[2]="*.freerealtime.com"; this[3]="*.data.primate.com/*"; this[4]="data.primate.com/*"; this[5]="bankofbermuda.com/*"; this[6]="*.ebankline.bankofbermuda.com"; this[7]="*.clientaccess.bankofbermuda.com"; this[8]="*.bankofbermuda.com"; this[9]="*.helpdesk.bldc.com"; this[10]="*.ebankline.bankofbermuda.com"; this[11]="*.clientaccess.bankofbermuda.com"; this[12]="*.bankofbermuda.bm"; this[13]="*.data.primate.com"; this[14]="*.tritonh.bldc.com"; } DirectNames=new MakeNames(); cDirectNames=15; HttpPort="8080"; cNodes=1; function MakeProxies(){ this[0]=new Node("Bldcisa.TritonH.bldc.com",0,1.000000); } Proxies = new MakeProxies(); function Node(name, hash, load){ this.name = name; this.hash = hash; this.load = load; this.score = 0; return this; } function FindProxyForURL(url, host){ var hash=0, urllower, i, fIp=false, ip, nocarp=false, skiphost=false; var list, pl, j, score, ibest, bestscore, port=HttpPort; urllower = url.toLowerCase(); if((urllower.substring(0,5)=="rtsp:") || (urllower.substring(0,6)=="rtspt:") || (urllower.substring(0,6)=="rtspu:") || (urllower.substring(0,4)=="mms:") || (urllower.substring(0,5)=="mmst:") || (urllower.substring(0,5)=="mmsu:")) return "DIRECT"; if(UseDirectForLocal){ if(isPlainHostName(host)) fIp = true;} for(i = 0; i < cDirectNames; i++) if(shExpMatch(host, DirectNames[i])){ fIp = true; break;} if(cDirectIPs == 0){ if(fIp) return "DIRECT";} else{ ip = host; if(fIp) ip = dnsResolve(host); var isIpAddr = /^(\d+.){3}\d+$/; if(isIpAddr.test(ip)){ for(i = 0; i < cDirectIPs; i += 2){ if(isInNet(ip, DirectIPs[i], DirectIPs[i+1])) return "DIRECT";}} else if(isPlainHostName(host)) return "DIRECT"; } if(!skiphost) hash = HashString(host,hash); if(nocarp) hash = HashString(myIpAddress(), hash); pl = new Array(); for(i = 0; i<cNodes; i++){ Proxies[i].score = Proxies[i].load * Scramble(hash ^ Proxies[i].hash); pl[i] = i; } list = ""; for(j = 0; j < cNodes; j++){ bestscore = -1; for(i = 0; i < cNodes-j; i++){ score = Proxies[pl[i]].score; if(score > bestscore){ bestscore = score; ibest = i; }} list = list + "PROXY " + Proxies[pl[ibest]].name + ":" + port + "; "; pl[ibest] = pl[cNodes-j-1]; } list = list + BackupRoute; return list; } var h_tbl = new Array(0,0x10D01913,0x21A03226,0x31702B35,0x4340644C,0x53907D5F,0x62E0566A,0x72304F79,0x8680C898,0x9650D18B,0xA720FABE,0xB7F0E3AD,0xC5C0ACD4,0xD510B5C7,0xE4609EF2,0xF4B087E1); function HashString(str, h){ for(var i=0; i<str.length; i++){ var c = str.charAt(i); if (c==':' || c=='/') break; c = CharToAscii(c.toLowerCase()); h = (h >>> 4) ^ h_tbl[(h ^ c) & 15]; h = (h >>> 4) ^ h_tbl[(h ^ (c>>>4)) & 15]; h = MakeInt(h); } return h; } function Scramble(h){ h += ((h & 0xffff) * 0x1965) + ((((h >> 16) & 0xffff) * 0x1965) << 16) + (((h & 0xffff) * 0x6253) << 16); h = MakeInt(h); h += (((h & 0x7ff) << 21) | ((h >> 11) & 0x1fffff)); return MakeInt(h); } var Chars =" !\"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~âÂ???????????ÂÅÂÂ????????????ÂÅ? ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃà "; function CharToAscii(c){ return Chars.indexOf(c) + 32; } function MakeInt(x){ x %= 4294967296; if(x < 0) x += 4294967296; return x; } Thanks Steve This project is so important, we can't let things that are more important interfere with it. Steve Moffat Operations Director Optimum IT Solutions * Email: steve@xxxxxxxxxx ( Office:(441) 232-8849 ( Mobile: (441) 232-8849 Dedicated to proactively supporting our customers This email may contain confidential information. If you are not named on the addressee list, please take no action in relation to this email, do not open any attachment, and please contact the sender (details above) immediately. Information in this email is provided in good faith. If you are a customer of Optimum IT Solutions please refer to the terms and conditions which cover the provision of support and consulting services to you/your organization. If you are not corresponding in the course of, or in connection with a Optimum IT Solutions contract or program with its own terms and conditions, please note that no liability is accepted by Optimum IT Solutions for the contents of this mail.