Authenticating uses on a parent proxy

From: Peter Bates <pjbates@dont-contact.us>
Date: Thu, 3 Jun 1999 08:30:43 +1000

Our setup is as follows,
We have our Internet Gateway / Proxy server located at our corporate
offices. We run Squid 2.2 at our remote site to minimise WAN traffic
between our remote sites and the Internet gateway in head office. The
Gateway is running Novell Bordermanager.

I have squid setup with this Novell proxy as its sole parent. This proxy
should be queried for all requests that are external to our site. From
looking at the logs this seems to be working.

The problem is this. Novel Proxy needs the clients to provide a username
and password. If they connect to Novell Bordermanager directly this works
fine. When they connect to Novell Bordermanager via Squid, they are not
even asked for a password, and the request is refused by Novel Border
manager.

How do I get Squid / Novell Bordermanager to corretly pass the users name
and passwrod request back to the client, and they forward the information
back?

The relevant setup lines are as follows

Note we use the Public A class IP range internaly, and all addresses local
to the squid proxy are on the 10.1.0.0 subnet

---------------------------------------------------------------------------
-------
cache_peer 10.21.0.45 parent 8080 7 no-query default

acl all_hosts dst 0.0.0.0/0.0.0.0
acl all_clients src 0.0.0.0/0.0.0.0
acl ampol_host dst 10.0.0.0/255.0.0.0

http_access allow all_clients

never_direct deny ampol_hosts
never_direct allow all_hosts
---------------------------------------------------------------------------

----
What do I have to add to this?
Thanks
Peter Bates
-------------------------------------------------------------
This correspondence is for the named person's use only.  It may
contain confidential or legally privileged information or both.
No confidentiality or privilege is waived or lost by any
mistransmission.  If you receive this correspondence in error, please
immediately delete it from your system and notify the sender.  You
must not disclose, copy or rely on any part of this correspondence
if you are not the intended recipient.
Any opinions expressed in this message are those of the individual
sender, except where the sender expressly, and with authority,
states them to be the opinions of Caltex Australia Limited or
one of its subsidiaries.
Received on Wed Jun 02 1999 - 16:50:41 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:46:43 MST