Jon Joyce wrote:
> Hi all,
>
> We currently have a Squid box set up to only allow secure https
> traffic through a manually updated whitelist. So now, all clients must
> provide the name and 443 port of our Proxy server before they can
> access secure sites (i.e. Internet Banking, Hotmail etc.)
>
> We now have the problem that Skype wants to use the outgoing secure
> 443 port which is not allowed through our Proxy...
>
> Is there anyway around this??
Skype will attempt to tunnel the traffic over port 443 using the SSL
protocol as you said,
In order to permit access to skype through squid, you would have to know
the "random" destination
IPs that skype use with the CONNECT method.
One possibility could be you can try permit numeric IPs with the CONNECT
method, but be careful regard to security.
acl N_IPS urlpath_regex ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
acl connect method CONNECT
http_access allow connect N_IPS all
Thanks
Emilio C.
>
> Anyone's help is much appretiated
>
> Jon
>
>
Received on Tue Jun 06 2006 - 02:27:13 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Jul 01 2006 - 12:00:01 MDT