Using BorderManager 3.8 SP3 beta on NetWare 6.5, I'm trying to write an
access control rule to allow a user to access only Hotmail. I have
written many URL exceptions into a rule in order to do this, including
allowing access to *:// and
*://*. The user cannot login to Hotmail, however.
The BMgr access control log indicates that the user is being blocked
on protocol https, hostname This makes no sense
because the rules I wrote clearly encompass this. I checked the proxy's
HTTP log, though, and I find this block: - {userid} [11/Feb/2005:12:28:28 -0600] "CONNECT HTTP/1.0" 403 1017

GETs and POSTs are working fine, but the CONNECTs are all being blocked.
Finally, if I write an access control rule to allow Any URL, the user
can get to Hotmail just fine.

What do I have to do to allow the user to CONNECT to without allowing Any URL?

Jim Wagner
Arcadia Valley Schools