Elvar wrote:
> Hello,
>
> I've followed the following
> http://wiki.squid-cache.org/SquidFaq/WindowsUpdate and it does work...
> with a catch. In my scenario Dansguardian is running in front of Squid
> on the LAN IP of the firewall which is 172.30.1.2:8888. Squid is
> running on 127.0.0.1:3128. Dansguardian forwards incoming traffic to
> Squid which then goes out to the net. Even following the directions in
> that URL with the port / ip setup above, windows updates do not work.
> In order for me to get them to work, I have to move squid to
> 172.30.1.2 to share the same listen IP as Dansguardian. I do not
> understand why this matters, but it's the only way it ever works. This
> is the case for me on multiple firewalls deployed at difference places.
>
> Can anyone tell me why it will not work with squid listening on
> 127.0.0.1?
>
>
> Thanks,
> Elvar
>
Please disregard, I figured it out. I forgot to add 'localhost' to the
http_access lines for windows update. Once I did it started working
perfectly.
acl windowsupdate dstdomain windowsupdate.microsoft.com
acl windowsupdate dstdomain .update.microsoft.com
acl windowsupdate dstdomain download.windowsupdate.com
acl windowsupdate dstdomain redir.metaservices.microsoft.com
acl windowsupdate dstdomain images.metaservices.microsoft.com
acl windowsupdate dstdomain c.microsoft.com
acl windowsupdate dstdomain www.download.windowsupdate.com
acl windowsupdate dstdomain wustat.windows.com
acl windowsupdate dstdomain crl.microsoft.com
acl wuCONNECT dstdomain www.update.microsoft.com
http_access allow CONNECT wuCONNECT localnet
http_access allow CONNECT wuCONNECT localnet2
http_access allow CONNECT wuCONNECT localhost
http_access allow windowsupdate localnet
http_access allow windowsupdate localnet2
http_access allow windowsupdate localhost
Received on Thu Jul 31 2008 - 18:42:05 MDT
This archive was generated by hypermail 2.2.0 : Fri Aug 01 2008 - 12:00:04 MDT