We have an S160 acting as web proxy and I'm fairly new to it. We can get to www.paypal.com but when we login it just states 'Please make sure you enter your email address and password correctly' and prompts for login details again.
The applicable log (I believe) is: 1255756501.097 0 192.168.1.149 TCP_DENIED/407 1668 CONNECT tunnel://paypal.112.2o7.net:443/ - NONE/- - OTHER-NONE-Active_Directory-NONE-NONE-NONE <-,-,-,-,-,-,-,-,-,-,-,-,-,-,-,-,-> -
I have put 'paypal.112.2o7.net, www.paypal.com, etc' in the bypass list and even made a no authentication url identity with these hosts, however none of this has worked. I am using an open policy allowing port 443.
Just wondering if anyone has some suggestions. Linc.
Try a no auth identity based on a single client ip address, then have that identity apply to both access policy and decryption policy (if https is enabled).
The error is an auth error. So some pages redirect to https. Any https request should not required authentication, since data is encrypted, unless you are using explicit forward proxy or auth based on client ip address.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...