[SQU] Authentication problem

From: Awie <awie@dont-contact.us>
Date: Wed, 11 Oct 2000 15:48:35 +0800

Dear All,
I got a problem to access WEB pages that require authentication such as Yahoo mail, Hotmail, etc. Problems just happen if I run transparent mode.

In the non-transparent mode, everything is OK for most users except accessing HOTMAIL. After adding line "hierarchy_stoplist hotmail.com" in my squid.conf, HOTMAIL can be accessed well.

This problem (authentication) is also happen at users that behind "downstream" proxy such as Microsoft Proxy or WinGate. Although "downstream" proxy was already REDIRECTED manually to use our squid box.

My Squid is version 2.3.STABLE4, Linux Redhat 6.2 (kernel 2.2.14), Cisco IOS 12.0.(7).

My IOS configuration :

access-list 150 deny tcp host 203.91.140.36 any eq www
access-list 150 permit tcp any any eq www

route-map proxy-redir permit 10
 match ip address 150
 set ip next-hop 203.91.140.36

I also use Linux (kernel 2.2.14) that has rc.local as below (as suggested by
Brian Feeny) :

# Routing/forwarding command
echo 1 > proc/sys/net/ipv4/ip_forward
# Accept all loopback
/sbin/ipchains -A input -j ACCEPT -i lo
# Loops prevention
/sbin/ipchains -A input -j ACCEPT -p tcp -d 203.91.140.36 80
#Redirect section
/sbin/ipchains -A input -j REDIRECT 8080 -p tcp -s 0.0.0.0/0 -d 0.0.0.0/0 80

Brian Feeny helps me a lot to configure my transparent mode and John Saunders suggest me to redirect the SSL packet to Squid as well as HTTP.

Do you have experience for this kind of problem?

Many thanks for your help. Your answer is very appreciated.

Best Regards,

Awie
awie@eksadata.com
PT. EKSADATA INTISOLUSI
Phone : (62-361) 261514
Mobile1 : (62-82) 3610369
Mobile2 : (62-818) 346241

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Wed Oct 11 2000 - 01:50:23 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:55:43 MST