On Wednesday 09 January 2002 13.31, Francis Turner wrote:
> I'm trying to see if squid will transparently redirect HTTPS CONNECTS
> that it receives to a second (checkpoint) proxy/firewall. I think the
> answer is no it just does the CONNECT direct to the internet server and
> there is no way to change it.
Any proxied requests can be forwarded to another HTTP proxy using the
cache_peer directive. This includes the CONNECT tunnel method.
> using the cache_peer parent option and the transparent proxy enabling
> options HTTP is successfully retrieved through the FW and cached. What I
> would like to do is received my users https://securehost requests and
> direct them to the checkpoint FW. But from observation what happens is
> that squid tries to setup the direct connect to the secure server
> instead, which doesn't work as the FW drops the traffic.
You have most likely forgot to tell Squid that it is inside a firewall.
See the never_direct and always_direct directives.
-- MARA Systems AB, Giving you basic free Squid support Customized solutions, packaged solutions and priority support available on requestReceived on Wed Jan 09 2002 - 11:52:57 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:48 MST