Vosloo, Jaco wrote:
> From Henrik Nordstrom
>> Form: Vosloo, Jaco:
>>> The browser is configured to use the upstream proxy. I want the
>>> transparent proxy to be a MITM between the browser and the upstream
>>> proxy and cache whatever can be cached. This is why I am wondering
> if a
>>> reverse proxy in front of the upstream proxy might provide the
> solution?
>> You need to use the "login=PASS" argument in cache_peer when forwarding
>> the traffic, and configure your Squid as a non-transparent proxy even
> if
>> it has traffic redirected to it via NAT. The "transparent" option
>> applies only when the browsers is not configured to use a proxy, not
>> when the browser is configured to use a proxy but is being sent via NAT
>> to another proxy than configured.
>
> Thank you Hendrik and Amos for your help, I will try your advice right
> away.
>
> Blue Coat is making my life very difficult, according to my support
> contact they do not support having a squid proxy in peer configuration.
Haha, yeah right. Good thign Squid supports BC then ;)
> Have anyone on the list configured a Squid peer to a Blue coat proxy
> with authentication?
>
I haven't tried it but this should work:
cache_peer with 0 as ICP port and no-query no-netdb-exchange no-digest
options.
For the auth it should work with login=PROXYPASS option (NP: thats the
_exact_ string "login=PROXYPASS").
Using "login=PASS" tries to add basic auth if any is missing from the
client but supplied to external helpers. maybe breaking things.
'login=PROXYPASS' just passes whatever the client gave on.)
Amos
-- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE16 Current Beta Squid 3.1.0.10 or 3.1.0.11Received on Mon Jul 27 2009 - 12:47:07 MDT
This archive was generated by hypermail 2.2.0 : Mon Jul 27 2009 - 12:00:05 MDT