Thanks for all the help. It turned out that the most cost effective way
to solve the dilemma was to have our other plant site add an
additional port (like 8080) for http use. Since our router only blocks
port 80, it should let this through. Thanks again!
Stephen
On 17 Jul 99, at 11:25, Dancer wrote:
> Stephen Anderson wrote:
> >
> > I'm in a bad way and was hoping one of the Squid guru's could bail me out.
> > We have been using Squid at our plant site for quite a while. We have
> > been using it to filter porn requests out of our WAN traffice. When we
> > started people would just not use the proxy, so we had our WAN provider
> > disable port 80 traffic on our WAN router except for requests coming from
> > the proxy (which were filtered).
> >
> > No an unexpected consequence has popped up. A user at our plant location
> > is trying to access an IIS secured website on another one of our plant
> > site's webservers. The problem is the user c annot get authenticated by
> > the other plant's webserver. I think what the cause is that stinkin IIS
> > is using some kind of NT-centric authentication routine and the proxy is
> > not passing the information through to the client. One possibility that I
> > am thinking of is they are authenticating on something like IP address.
> > They are seeing the IP of our proxy and not the client.
> >
> > Is there any way with ACLs that I can configure Squid to act as a passive
> > pas-thru for requests to these WAN requests? Something like how it passes
> > throughSSL stuff? Thanks!
>
> Won't help. The authentication will not work if proxied. The scheme is
> bogus, alas.
>
> D
>
>
Received on Tue Jul 20 1999 - 19:32:43 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:47:28 MST