[squid-users] Reverse proxy problem

Dear all,

        I setup a reverse proxy server for internal webmail service
using squid2.5 stable 3. There are 4 webmail servers in the Internal
Network . The below is the network diagram.

         (services: http) (services: http)
        Group of mail servers----- Central Webmail <------> Firewall
Box <----------> Internet
                                                                  |
                                                                 |
                                                             Reverse Proxy
server
                                                            11.0.0.1 (NAT
to 13.0.0.1)

        My requirement is that the webmail can be used from Internet
through this reverse proxy. When users access to the Central Webmail, it
checks username and password for authentication. If pass, then redirect
to one of the mail servers which the user's mailbox exist.

        At Reverse Proxy server, I've configured squid with
--disable-internal-dns option. Webmail servers lists in the /etc/hosts
file. Reverse Proxy server already has the real IP address and NAT by
Firewall Box. The below is the configuration.

/etc/hosts
-------------------------
162.xx.xx.0 centralmail
162.xx.xx.1 webmail1
162.xx.xx.2 webmail2
162.xx.xx.3 webmail3
162.xx.xx.4 webmail4

Squid.conf

http_port 80
httpd_accel_host virtual
httpd_accel_single_host off
httpd_accel_uses_host_header on
httpd_accel_with_proxy on
httpd_accel_port 80
 
visible_hostname centralmail
acl all src 0.0.0.0/0.0.0.0
http_access allow all

        The problem is when I access the webmail from both DMZ and
Internet, the web page returns an error message about access denied.
What 's wrong?

Any help is greatly appreciated!

Regards and Thank you
Niti : )
Received on Thu Aug 14 2003 - 01:29:35 MDT