Hello Ruiyan,
Which auth have you set in your outlook anywhere setting ? Squid works
fine with Basic but has big troubles with NTLM.
regards
Clem
Le 23/05/2012 22:38, Ruiyuan Jiang a écrit :
> Hi, when I tried to test accessing MS exchange server, the outlook just kept prompt for the user name and password without luck. Here is the message from squid's access.log from the test:
>
> 1337803935.354 6 207.46.14.62 TCP_MISS/200 294 RPC_IN_DATA https://webmail.juicycouture.com/Rpc/RpcProxy.dll - PINNED/exchangeServer application/rpc
> 1337803937.876 6 207.46.14.62 TCP_MISS/401 666 RPC_IN_DATA https://webmail.juicycouture.com/rpc/rpcproxy.dll? - FIRST_UP_PARENT/exchangeServer text/html
> 1337803937.965 11 207.46.14.62 TCP_MISS/401 389 RPC_IN_DATA https://webmail.juicycouture.com/rpc/rpcproxy.dll? - FIRST_UP_PARENT/exchangeServer text/html
> 1337803938.144 6 207.46.14.62 TCP_MISS/401 666 RPC_OUT_DATA https://webmail.juicycouture.com/rpc/rpcproxy.dll? - FIRST_UP_PARENT/exchangeServer text/html
> 1337803938.229 6 207.46.14.62 TCP_MISS/401 389 RPC_OUT_DATA https://webmail.juicycouture.com/rpc/rpcproxy.dll? - FIRST_UP_PARENT/exchangeServer text/html
>
>
> Here is my squid.conf for the test:
>
> https_port 156.146.2.196:443 accel cert=/opt/squid-3.1.19/ssl.crt/webmail_juicycouture_com.crt key=/opt/squid-3.1.19/ssl.crt/webmail_juicycouture_com.key cafile=/opt/apache2.2.21/conf/ssl.crt/DigiCertCA.crt defaultsite=webmail.juicycouture.com
>
> cache_peer internal_ex_serv parent 443 0 no-query originserver login=PASS ssl sslflags=DONT_VERIFY_PEER,DONT_VERIFY_DOMAIN name=exchangeServer
>
> acl EXCH dstdomain .juicycouture.com
>
> cache_peer_access exchangeServer allow EXCH
> cache_peer_access exchangeServer deny all
> never_direct allow EXCH
>
> http_access allow EXCH
> http_access deny all
> miss_access allow EXCH
> miss_access deny all
>
>
> Where did I do wrong? I also tried a different squid.conf (basically remove all the ACLs) but got the same message in access.log:
>
> https_port 156.146.2.196:443 accel cert=/opt/squid-3.1.19/ssl.crt/webmail_juicycouture_com.crt key=/opt/squid-3.1.19/ssl.crt/webmail_juicycouture_com.key cafile=/opt/apache2.2.21/conf/ssl.crt/DigiCertCA.crt defaultsite=webmail.juicycouture.com
>
> cache_peer internal_ex_serv parent 443 0 no-query originserver login=PASS ssl sslflags=DONT_VERIFY_PEER,DONT_VERIFY_DOMAIN name=exchangeServer
>
> cache_peer_access exchangeServer allow all
>
> http_access allow all
> miss_access allow all
>
> Thanks.
>
> Ryan Jiang
>
>
>
> This message (including any attachments) is intended
> solely for the specific individual(s) or entity(ies) named
> above, and may contain legally privileged and
> confidential information. If you are not the intended
> recipient, please notify the sender immediately by
> replying to this message and then delete it.
> Any disclosure, copying, or distribution of this message,
> or the taking of any action based on it, by other than the
> intended recipient, is strictly prohibited.
>
>
Received on Thu May 24 2012 - 05:47:10 MDT
This archive was generated by hypermail 2.2.0 : Thu May 24 2012 - 12:00:05 MDT