Re: [squid-users] Win.x and Windows 2000 different behaviour

Hi,

On Mon, 10 Dec 2001, --==[bMan]==-- wrote:

> O.K. I'm going bananas here. I wonder if this is a "known" issue related to
> Microsoft products not working the same across their OSes or it's a bug (do I
> dare to say in ... Squid)?

No. A misunderstanding probably.

> Here is a deal: I have a directive in my squid.conf file:
>
> acl local-intranet dstdomain .foo.net
> always_direct allow local-intranet

This is telling squid to never use a parent cache for "local-intranet". It
has nothing to do with a browser going direct or not. Squid cannot tell a
browser not to use squid. The browser must be configured to not use the
proxy for certain domains.

> where .foo.net is my local intranet domain. I want my proxy to send web
> clients directly to .foo.net without even looking at its cache. It works
> find with IE on Windows.x platform but does not work on Windows 2000 (haven't
> tried XP yet). My problem is that if I cannot send clients directly to the
> site, NTLM authentication will not work. Therefore, the above solution
> seemed perfect for the task until I started to test Squid proxy with Windows
> 2000.

Not a squid problem. It's the browser that needs to be configured to go
direct.

> When looking into my access.log file, I have noticed that when IE runs on
> Windows.x and makes a request to a local domain, it does not register with my
> logs. However, when a web browser makes a request to a local domain from
> Y2K, I can see a corresponding entry with DIRECT/.foo.net -- directive in it.

Yes. The Windows.X browsers have been configured not to use squid. The
Win2K browser has not.

>
> What am I missing here? I REALLY would have to make sure that IE on Y2K goes
> directly to the local sites (of course, there is also the client's side and
> it can be taken care of that way but proxy solution would seem so much better
> because no additional setup would have to be done with client's browser to
> facilitate NTLM compatibility....

It has nothing to do with squid. It is a browser configuration issue. A
proxy cannot tell a browser not to use the proxy.

Colin
Received on Mon Dec 10 2001 - 21:54:34 MST