Re: [squid-users] forward and reverse through one system

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Mon, 2 Feb 2009 13:45:02 +1300 (NZDT)

> I have one instance of squid configured for forward web proxy and
> accelerator for OWA (per the wiki). In order for users to avoid changing
> their proxy settings, I need the forward proxy to be able to access OWA
> going out and back in as follows:
>
> Host on internal net -> forward proxy -> accelerator -> OWA server on
> internal net
>
> It seems like this should work. When I try to access OWA from an
> internal host, the browser hangs and the following eventually appears in
> access.log:
>
> 1233516965.141 12567 [internal host IP] TCP_MISS/000 0 CONNECT
> owa.domain.com:443 - FIRST_UP_PARENT/[owa server IP] -
>
> Any ideas would be most appreciated.
>
> Thanks,
> Alan
>

(Assuming you have squid-2.6 or later)

The basic config:

You can multi-mode squid. Ensure that the reverse-proxy settings are all
at the top of the squid.conf and any forward-proxy settings are following
at the bottom.
Also, the "http_access deny all" detailed to finish the reverse-proxy
config gets removed so that on non-reversed requests squid can drop
through and run the forward-proxy settings.

Specific to your loop-back problem:

You need to adjust your reverse-proxy configuration to block the CONNECT
method being used to access the peers.
Then check that the domain IP Squid resolves owa.domain.com to is its own
listening https_port.

Amos
Received on Mon Feb 02 2009 - 00:45:07 MST
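
A squid.conf layout following the ordering described in the reply above, as an added example that is not part of the original message or of the Squid wiki. The addresses, certificate paths, port 3128 and the ACL and peer names are placeholders, and the `!CONNECT` exclusions are one reading of "block the CONNECT method being used to access the peers".

```conf
# Added example: all addresses, paths and names below are placeholders.
# If your Squid version does not predefine the "all" ACL, define it first.

# ---- Reverse-proxy (accelerator) settings: top of squid.conf ----
https_port 192.0.2.10:443 accel cert=/etc/squid/owa-cert.pem key=/etc/squid/owa-key.pem defaultsite=owa.domain.com

# OWA server on the internal net, reached over SSL as an origin server
cache_peer 10.0.0.20 parent 443 0 no-query originserver login=PASS ssl name=owaServer

acl OWA dstdomain owa.domain.com
acl CONNECT method CONNECT

# CONNECT tunnels must never be handed to the peer. This is the request
# that showed up as TCP_MISS/000 ... FIRST_UP_PARENT in access.log.
cache_peer_access owaServer deny CONNECT
cache_peer_access owaServer allow OWA
cache_peer_access owaServer deny all

# Accelerated requests always go to the peer. CONNECT is excluded so that
# it goes direct to owa.domain.com:443, which must resolve (from Squid's
# point of view) to the https_port address above.
never_direct allow OWA !CONNECT

http_access allow OWA !CONNECT
# No "http_access deny all" here: everything else drops through to the
# forward-proxy rules below.

# ---- Forward-proxy settings: bottom of squid.conf ----
http_port 3128

acl localnet src 10.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 443

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access deny all
```

With this layout the final `http_access deny all` is the only one in the file, so a request that matches neither the OWA rule nor `localnet` is refused rather than forwarded.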
