IronPort WSA with Authentication unable to access 2 character domain names with 2 character TLDNs

09-24-2012 12:59 PM
I've discovered an issue requiring user authentication: some of the short URL sites like e2.ma will not load in Internet Explorer explicitly configured to go through an IronPort WSA. In testing with bogus domains (a.to, aa.to) it seems the issue is if the domain name is 1-2 characters and the top level domain name is also 2 characters long. Longer domains (aaa.to) work and return an IronPort error for DNS_FAIL. Does anyone know of a workaround to not have to allow all these as unauthenticated destinations?
Labels: Web Security

09-25-2012 12:56 AM
Hello,
Had a test of this with a different proxy server and with no proxy server; all the same, it's an IE thing. There is a workaround below:
Thanks
Chris
09-25-2012 03:42 AM
Support pointed me towards that KB article as well, but it is for IE 5 (and fixed in IE 6), but IE 8+ uses a TLD list from Microsoft (visible by using res://urlmon.dll/ietldlist.xml) and I don't control the external website. I'm going to try using an IP address surrogate instead of session cookies for these domains and see if that resolves this.
09-26-2012 04:13 PM
Just in case anyone else runs into this: using IP address surrogates can work, but care must be taken on the timers to not cause issues with any other session cookie surrogates.
10-10-2012 08:19 AM
Just had the same request. As Jeffrey suggested, I created a Custom URL category and created an identity based on this using IP surrogates, and it works fine.
10-10-2012 09:21 AM
GAH! Here's an old article from the IronPort KB:
https://ironport.custhelp.com/app/answers/detail/a_id/1519/kw/wccp
