[squid-users] Outlook Web Access

 Hello,

When trying to use squid as a front end to our Outlook Web Access
server, in the following configuration:

Internet<--https port 443-->firewall1<--->https port 443<--->squid
box<--->https port 444<--->outlook web server

I see the following in my log (aka, from a squid -d 9):

ERROR
The requested URL could not be retrieved

While trying to retrieve the URL: http://webmail.domain.com/

The following error was encountered:

  * Unable to forward this request at this time.

This request could not be forwarded to the origin server or to any
parent caches. The most likely cause for this error is that:

  * The cache administrator does not allow this cache to make direct
connections to origin servers, and
  * All configured parent caches are currently unreachable.

Your cache administrator is root.
Generated Tue, 15 Mar 2005 19:49:35 GMT by localhost.localdomain
(squid/2.5.STABLE7)

2005/03/15 13:30:02| Failed to select source for 'http://webmail.domain.com/'
2005/03/15 13:30:02| always_direct = 0
2005/03/15 13:30:02| never_direct = 1
2005/03/15 13:30:02| timedout = 0
2005/03/15 13:30:02| Failed to select source for
'http://webmail.domain.com/favicon.ico'
2005/03/15 13:30:02| always_direct = 0
2005/03/15 13:30:02| never_direct = 1
2005/03/15 13:30:02| timedout = 0

And here are the entried from squid.conf:

http_port 80

https_port 443 cert=/etc/squid/req.pem key=/etc/squid/keyout.pem

acl port80 myport 80

http_access allow port80

deny_info https://exchange.1l.com/exchange port80

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?

no_cache deny QUERY

auth_param basic children 5

auth_param basic realm Squid proxy-caching web server

auth_param basic credentialsttl 2 hours

refresh_pattern ^ftp: 1440 20% 10080

refresh_pattern ^gopher: 1440 0% 1440

refresh_pattern . 0 20% 4320

persistent_request_timeout 5 minutes

acl all src 0.0.0.0/0.0.0.0

acl manager proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

acl to_localhost dst 127.0.0.0/8

acl SSL_ports port 443 563

acl Safe_ports port 80 # http

acl Safe_ports port 21 # ftp

acl Safe_ports port 443 563 # https, snews

acl Safe_ports port 70 # gopher

acl Safe_ports port 210 # wais

acl Safe_ports port 1025-65535 # unregistered ports

acl Safe_ports port 280 # http-mgmt

acl Safe_ports port 488 # gss-http

acl Safe_ports port 591 # filemaker

acl Safe_ports port 777 # multiling http

acl CONNECT method CONNECT

http_access allow manager localhost

http_access deny manager

http_access deny !Safe_ports

acl our_networks src 192.168.120.0/255.255.255.0

http_access allow our_networks

http_access allow all

icp_access allow all

httpd_accel_host exchange.1l.com

httpd_accel_port 80

httpd_accel_single_host on

httpd_accel_uses_host_header off

never_direct allow all

acl owa dstdomain exchange.1l.com

http_access allow owa port80

http_access deny all
Received on Wed Mar 16 2005 - 09:33:10 MST