Hi guys,
We are currently using our Squid (3.1.x) as transparent HTTP proxy
(with dst nat). We also want to use our Squid as transparent HTTPs
proxy, which works too, despite our Internet research in which we got
many results for "transparent https proxying is not possible". I admit
that there are some issues, but we only want to use it for our guest
lan, not every site has to work. Unforuntately, there are many sites
which start as HTTP-site and redirect to HTTPs before receiving login
credentials (e.g. amazon) or just redirect (e.g.
https://www.juniper.net/customers/csc/). In these situations, my
firefox prints following error message: The page isn't redirecting
properly. It seems Squid can't handle 302 (in transparent https mode?)
https://www.juniper.net/customers/csc/
GET /customers/csc/ HTTP/1.1
Host: www.juniper.net
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:10.0.2) Gecko/20100101
Firefox/10.0.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: WT_FPC=waytoolongstuff
HTTP/1.0 302 Moved Temporarily
Location: https://www.juniper.net/customers/csc/
Content-Length: 222
Content-Type: text/html; charset=iso-8859-1
Server: Concealed by Juniper Networks DX
Vary: Accept-Encoding
Date: Fri, 16 Mar 2012 13:23:35 GMT
Set-Cookie: rl-sticky-key=82546ce42517c9836c5deb8079756e0e; path=/;
expires=Fri, 16 Mar 2012 14:08:34 GMT
X-Cache: MISS from xlsqit01_1
Via: 1.0 xlsqit01_1 (squid/3.1.16)
Connection: keep-alive
Can anybody offer a solution or how do you allow HTTPs in your guest
(W)LANs? Direct connection or using proxy-scripts (WPAD,...)?
thanks && best regards,
Peter
Received on Fri Mar 16 2012 - 13:27:19 MDT
This archive was generated by hypermail 2.2.0 : Fri Mar 16 2012 - 12:00:04 MDT