I have setup a new server with BorderManager 3.7 (+service pack 2
released july 28th - also tested without any service pack) and I'm
testing the SSL authentication (for futur implementation) with the
option "Authenticate only when user attempts to access a restricted
page" and it works great but not with FTP.

I have only 3 rules :

The first only allows specific NDS user to access the following URL : - http://*/*.exe
- http://*/*.zip
- https://*/*.exe
- https://*/*.zip
- ftp://*/*.exe
- ftp://*/*.zip
The second that denies those same URL to all users :
- http://*/*.exe
- http://*/*.zip
- https://*/*.exe
- https://*/*.zip
- ftp://*/*.exe
- ftp://*/*.zip

The third allows all port to any source and destination.



Test #1 :
---------

When open a browser with the page

http://download.winzip.com/n/winzip81.exe

the login page and download will be fine! When open my browser with
this page

ftp://ftp.compaq.com/pub/softpaq/sp2...00/SP24080.exe

I get redirected to


https://11.111.111.1/BM-Login/?"ftp://ftp.compaq.com/pub/softpaq/sp24001-24500/SP24080.exe"


which is normal (I don't that actual page but I see the link in the
title bar - print screen did help also). But instead of showing that
page it redirects me back to

ftp://ftp.compaq.com/pub/softpaq/sp2...00/SP24080.exe

and I get the default IE page saying that "The page cannot be
displayed" (I don't even get a BM error page!).




Test #2 :
---------
Now, if I open a new IE windows and copy that same link


https://11.111.111.1/BM-Login/?"ftp://ftp.compaq.com/pub/softpaq/sp24001-24500/SP24080.exe"


it works (I get the BM login) - really! I also verified my print
screen with the above link with somebody else (sh*t happens...)

So I though maybe when I get redirected to the login page it will also

use the same rules so I removed the "https://*/*.exe" in my first rule

without any luck! If it works for http it should work for ftp right!



Test #3 :
---------

If I have a browser opened with :


https://10.195.208.9/BM-Login/?"http://download.winzip.com/n/winzip81.exe"


and replace that link with

ftp://ftp.compaq.com/pub/softpaq/sp2...00/SP24080.exe

it works (I get the BM login).


If I disable all the rules it also works... obviously :)
And, like I said, http download are working perfectly!
I also recreated the rules from scratch and nstalled bm37fp3b.exe with

the same results.

Any help would be appreciated.

Thanks

J-F