Re: [squid-users] Accessing OWA2007 reverse-proxied by ISA Server

I think there is something wrong in this OWA server setup:
Check with nslookup if OWA2007 have round robin active:

C:\>nslookup mail.telecomitalia.it
Server: dns1.tiscaliia.it
Address: 213.205.32.10

Non-authoritative answer:
Name: mail.telecomitalia.it
Addresses: 156.54.233.103, 156.54.233.102

If is active like my example use thi in your squid configuration
(squid.conf):
balance_on_multiple_ip off

A round robin configuration for a OWA front-end is a wrong
solution because OWA is a session based web application.

Lodovico Bertolini

At 08:02 25/04/2008, Henrik Nordstrom wrote:
>tor 2008-04-24 klockan 09:34 +0200 skrev Franz Angeli:
>
> > i use Squid Version 2.6.STABLE5 on Debian stable, i have strange
> > problem with this owa site:
> >
> > https://mail.telecomitalia.it
> >
> > If i try to login (with real or fake credentials) with squid login
> > page return to itself without any error!??!
> >
> > If i connect directly all works fine?
>
>First of all try upgrading. There has been some bugfixes to the
>connection pinning / forwarding of Microsoft "looks like HTTP but isn't"
>authentication.
...[show rest of quote]

Just looked to the site: it's a Exchange 2007 OWA running form based
authentication over HTTPS. I'm using Squid 2.6 as a reverse proxy for
my Exchange 2003 OWA running the same configuration without problems.

So, it shouldn't be an authentication problem on Squid, but I still
don't have verified if there are any so called "new features" in OWA 2007
...

Regards

Guido

-

Momo-2 wrote:
>
> Hi folks,
>
> I'm experiencing some trouble to acces an OWA 2007 server, located
> behing an ISA reverse proxy, through our Squid 2.6ST18 proxy.
>
> When I try to access it, IE or Firefox keeps waiting for data to
> tranfer, the page stays blank and it nevers falls nor on time-out or
> any other error.
>
> Squid log shows lines that let think that there is some traffic
> transferred:
>
> 1225194824.927 1042 10.1.103.104 TCP_MISS/200 3088 CONNECT
> OBFUSCATED_URL:443 - DIRECT/84.14.218.217 -
> 1225194825.050 118 10.1.103.104 TCP_MISS/200 1056 CONNECT
> OBFUSCATED_URL:443 - DIRECT/84.14.218.217 -
> 1225194825.185 133 10.1.103.104 TCP_MISS/200 4524 CONNECT
> OBFUSCATED_URL:443 - DIRECT/84.14.218.217 -
> 1225194825.367 168 10.1.103.104 TCP_MISS/200 2371 CONNECT
> OBFUSCATED_URL:443 - DIRECT/84.14.218.217 -
> 1225194849.719 24520 10.1.103.104 TCP_MISS/200 155 CONNECT
> OBFUSCATED_URL:443 - DIRECT/84.14.218.217 -
>
> Direct connexion (I mean bypassing our Squid proxy) to this website works
> fine.
>
> As i had a similar problem some time ago on another OWA installation,
> I tried to deactivate "Accept-Encoding" header in Squid Proxy but it
> is the same problem.
> Our Squid Installation is quite basic, we don't authenticate our
> clients, only a small cache is done on the fly.
>
> For those who would give a try, I pasted the URL at
> http://pastebin.com/m44904a19 to prevent it from showing up in mailing
> lists archives, as this server belongs to a partner.
> Please do not paste it in your replies.
>
> Thanks for any help.
>
> Momo
>
>

-- 
View this message in context: http://www.nabble.com/Accessing-OWA2007-reverse-proxied-by-ISA-Server-tp20208261p20634189.html
Sent from the Squid - Users mailing list archive at Nabble.com.