On 17.01 23:07, Kenrick wrote:
> Thanks for the reply. What would be the best setup in
> Squid Proxy to replace my MS ISA Proxy server without
> manually adding proxy server IP address in IE settings
> on users PC?
Why? setting up a proxy (== letting the browsers know that they DO use a
proxy) is much better than intercepting their connections and lying to them
(they think they connect direct to the server, while they access proxy)
> Transparent proxy in Squid would be the nearest option but I cannot browse
> HTTPS sites. I'm using Redhat Enterprise Linux 4.
squid can't intercept HTTPS connections and there's no reason for this
because it even can't do anything with encrypted connections.
> The current MS ISA proxy setup is similar to transparent proxy in Squid
> but the problem with Squid is that it cannot browse HTTPS sites, MS ISA
> can browse HTTPS sites.
where do you redirect HTTPS conections? to port 433 of MS ISA proxy?
in such case squid could detect and forward connections (or probably also
refuse them) but it would require ad this feature to squid. You can fill a
wishlist bugreport, but developers will probably refuse it with WONTFIX.
-- Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. LSD will make your ECS screen display 16.7 million colorsReceived on Wed Jan 18 2006 - 02:40:27 MST
This archive was generated by hypermail pre-2.1.9 : Wed Feb 01 2006 - 12:00:01 MST