Re: [squid-users] Squid as reverse proxy with outlook web access from Amos Jeffries on 2007-10-31 (squid-users)

From: Amos Jeffries <squid3@dont-contact.us>
Date: Thu, 1 Nov 2007 10:24:02 +1300 (NZDT)

> Hello,
>
> thanks for your answer.
>
> I sense I'm nearing the answer to my problem, but a few things still
> confuse me:
>
>>No need to play with host files.
>>Replace the acls and cache_peer_access with:
>>
>> acl OWA dstdomain domain.resolves.to.squidserver
>> cache_peer_access owaserver allow OWA
>> never_direct allow OWA
>>
>>defaultsite= on the _port should be domain.resolves.to.squidserver
>>name= on cache_peer is just a simple handle to reference the peer by
>> and should be unique for best config reading
>>
>>Amos
>
> at the moment, the squid server is installed on a machine for testing
> (let's say office-pc39.local.myCompany.com) and is reachable through our
> company router at port 61600.
> In my squid.conf file, should I use the internal network name
> (office-pc39.local.myCompany.com) in the "defaultsite" parameter of the
> https_port line?
> Or should I use squidserver's name on the internet, which is reachable by
> port forwarding? (ssl.myCompany.com)

Whichever name users are going to browse to to get to it. IIRC you said
owa.mycompany.com earlier.

>
> The question's the same for the
>> domain.resolves.to.squidserver
> parameter.
>
> I'd be very happy if you could elaborate on your instructions a bit.

Well, here is a bot of my config that I've bandied about already:

http_port 80 vhost defaultsite=www.treenet.co.nz
cache_peer 192.168.100.20 80 0 no-query no-digest no-netdb-exchange
originserver name=rio
acl rioHosted dstdomain treenet.co.nz
cache_peer_access rio allow rioHosted

So, substituting the details you've provided above:

http_port 61600 defaultsite=owa.myCompany.com
cache_peer <owa servers IP> <owa-servers-port> 0 name=owaserver
acl OWA dstdomain office-pc39.local.myCompany.com ssl.myCompany.com
cache_peer_access owaserver allow OWA
never_direct allow OWA

Which name you choose for defaultsite depends on what you want the
OWAserver to respond to. squid will filter any requests without a Host:
header adding "Hots: <defaultsite>"

Amos
Received on Wed Oct 31 2007 - 15:24:06 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:02 MDT