On 01/02/11 16:01, John Treen wrote:
> Hi Everyone,
>
> I am having trouble getting WSUS 3.0 to communicate through Squid when
> using NTLM authentication. Back in early 2009 I did some testing and
> determined that 2.6.STABLE5 appears to be the last version that WSUS
> would successfully communicate through the proxy using NTLM.
>
> Yesterday I tried Squid 3.1.10 and WSUS still returns a 407 Proxy
> Authentication Required. If I uninstall 3.1.10 and then install
> 2.6.STABLE5 using the same configuration on my test machine WSUS works
I'm a little suspicious of this. Mainly because we altered many small
background options and behaviours to achieve almost complete HTTP/1.1
compliance in 3.1.
>
> If I comment out the auth_param ntlm lines (just leaving basic
> authentication enabled) WSUS works with 3.1.10, so I believe it could be
> something going wrong in the NTLM handshake.
>
> What is the best way to start debugging what the problem could be?
The easy way is to take a full packet capture (tcpdump -s 0 ...) when
using the working Squid and again with the non-working. Compare the two
transactions headers in wireshark and see if anything appears.
The hard way is to dredge the squid cache.log at debug_options 29,5 on
the 3.1 install and see what is happening.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.10 Beta testers wanted for 3.2.0.4Received on Tue Feb 01 2011 - 06:22:09 MST
This archive was generated by hypermail 2.2.0 : Tue Feb 01 2011 - 12:00:04 MST