There's definite issues relating to transparent proxying and
authentication - mostly surrounding the question "how does one
know whether the authentication information is for the website
or for the proxy?"
I'd suggest not using transparent proxying for now and waiting for
Squid-2.6 to mature, which'll fix other random problems with
regards to NTLM-authenticated websites.
Adrian
On Sun, Jun 04, 2006, Teller Sgt Robert J (GCE RCT-7 DATA NCOIC) wrote:
> Classification: UNCLASSIFIED
>
> I am currently running squid stable 2.5 on a Debian server using the 2.6
> kernel. I have my system setup as a transparent proxy redirecting all
> traffic to port 80. Even though it is not recommended I am using NTLM
> auth. I have everything working perfectly my users are able to
> authenticate and surf to about 95% of the websites but for some reason
> some websites show up with a IIS 401 error telling them access denied.
> If I configure the user to use the proxy server directly instead of
> allowing port redirection to happen, they are able to access the website
> just fine or if I change my ACL to allow their IP they can access the
> site just fine. Is there anything I can do to fix this or is this just a
> side effect of tweaking squid to allow transparent auth?
>
> Thank You
> Robert
Received on Sun Jun 04 2006 - 07:14:37 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Jul 01 2006 - 12:00:01 MDT