[squid-users] proxy_auth when using a parent cache

From: Chris Joyce <chris@dont-contact.us>
Date: Thu, 30 Oct 2003 02:45:57 +1100

I've got my self stuck on two problams when using proxy_auth

when proxy_auth is in use MS word's clipart search dose not work , seems to
attempt auth once then fails.
I don't have any other problam with proxy_auth on the any client using MS
word , just seems to be a MS Word thing ?

the second is more involved

I've got two squid servers running on my network , squid-1 used to access
the internet , and runs proxy_auth
the sencond squid-2 acts as a proxy on a private link to a intranet , and
forwards everything else to squid-1

everyting works fine with no proxy_auth but when its on clients connecting
to squid-1 work ok
clients connecting to squid-2 can auth for some reason ? ( squid-2 dose not
do any proxy_auth)

I could drop ine squid if I could get proxy_auth to not throw up a loging
when the request is going to the
connected private network , but other wise two servers will do just fine .

    chris

squid-1

acl nac-password proxy_auth REQUIRED

acl our_networks src x.x.x.x/24
acl our_servers dst x.x.x.x/24
acl adsl_network src x.x.x.x/24
acl pcc_network src x.x.x.x/22

http_access allow nac-password

http_access allow our_servers
http_access allow our_networks
http_access allow adsl_network
http_access allow pcc_network
http_access allow localhost

icp_access allow our_servers
icp_access allow our_networks
icp_access allow adsl_network
icp_access allow pcc_network
icp_access allow localhost

http_access deny all

# always go direct to local systems
always_direct allow our_servers

squid-2

cache_peer squid-1 parent 3128 3130
acl our_networks src x.x.x.x/24
acl our_servers dst x.x.x.x/24
acl adsl_network src x.x.x.x/24
acl pcc_network src x.x.x.x/22

#http_access allow nac-password

# are the requests from our network ?
#http_access allow our_servers
#http_access allow our_networks
#http_access allow adsl_network

http_access deny our_servers
http_access deny our_networks
http_access deny adsl_network
http_access allow pcc_network

icp_access allow our_servers
icp_access allow our_networks
icp_access allow adsl_network
icp_access allow pcc_network

http_access deny all

always_direct allow our_servers
always_direct allow adsl_network
always_direct allow pcc_network

# never go direct to any other place
never_direct allow all
Received on Wed Oct 29 2003 - 08:46:04 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:20:44 MST