Cybersource Developer Community Cybersource Developer Community

robertpiskule · ‎08-31-2018

!!! WARNING: DO NOT IGNORE THIS !!!

On 9/12/2018, you will be expiring 3 old IP address in favor of 6 new IP addresses:
https://support.authorize.net/s/article/Authorize-Net-Domains-and-IP-Addresses

In order to test my firewall configuration, I can visit the authorize.net pages directly by IP address, skipping DNS.
For example, these two URLs return the same result (using the old IP Address):

https://secure.authorize.net/gateway/transact.dll
https://64.94.118.65/gateway/transact.dll

I get the following error, which is expected:

The following errors have occurred.

(13) The merchant login ID or password is invalid or the account is inactive.

To test our Firewall configurations, I passed in the new server IP addresses.

        https://198.241.207.102/gateway/transact.dll
        https://198.241.206.93/gateway/transact.dll
        https://198.241.207.97/gateway/transact.dll *
        https://198.241.206.88/gateway/transact.dll *
        https://198.241.207.105/gateway/transact.dll *
        https://198.241.206.96/gateway/transact.dll *

The problem is, 4 of these are not working (starred). Rather than getting an error message, the network connection times out. This means that YOUR network is not configured properly; if I get a DNS response containing any one of these 4 IP addresses, my browser will fail to connect.

!!! WARNING:
DO NOT test this on your INTERNAL network. This must be tested from an external, completely separate network from authorize.net. I recommend the following tests:

1) From your PHONE visit the following addresses. One will work, one will not.
      https://198.241.207.102/gateway/transact.dll
      https://198.241.207.97/gateway/transact.dll
2) From your HOME COMPUTER, visit the following addresses. One will work, one will not.
      https://198.241.207.102/gateway/transact.dll
      https://198.241.207.97/gateway/transact.dll
3) From AN AMAZON WEB SERVICES EC2 INSTANCE, visit the following addresses. One will work, one will not.
      https://198.241.207.102/gateway/transact.dll
      https://198.241.207.97/gateway/transact.dll

Please respond ASAP (this affects YOU more than it affects me).

NOTE:

If you instruct me "not to use the IP Address", you do not understand the root issue. The DNS name WILL be translated to 1 of the 6 IP Addresses listed at the end of the day, and unless that IP Address is accessible, I won't be able to finish my checkout process.

ALTERNATIVELY:

Your documentation is incorrect, and I don't need to open up my firewall to all 6 ip addresses.

Thanks,
-Rob

RichardH · ‎08-31-2018

Hello @robertpiskule

Thank you for your detailed post. So this is properly tracked, please also open a case with customer support referencing this post. If you can provide the case number, we can alert our support specialists to look at the case.

Richard

robertpiskule · ‎08-31-2018

Hi Richard.

I submitted a case both in the customer support portal, as well as by phone.

Case #: 05351027

Technition: Aaron

Aaron was great, but the support person he worked with did not understand the fundemental problem that I am describing. This is a critical DNS issue, and you will have problems if you don't solve this.

I strongly encourage both you, and anyone else reading this forum post to try the URLs I submitted and verify they are not working. You must use a non-authorize.net network, because the authorize.net network appears to be working from the inside.

Thanks,

-Rob

robertpiskule · ‎08-31-2018

Seriously, just open up this post on your phone and click the links I gave you. It'll take no more than 2 minutes.

AdamT · ‎09-04-2018

Hello,

Thank you for bringing this to our attention. We have identified and resolved this issue, and all endpoints/IP Addresses are now working as expected.

-Adam

Cybersource Developer Community Cybersource Developer Community

Authorize.net Production Network Not Configured Properly