Re: [squid-users] Squid httpd_accel to Exchange 2000 WebMail

From: Jim Williams <jimw@dont-contact.us>
Date: Mon, 03 Dec 2001 21:01:56 -0600

OK, so either I'm the first one to ever try this, noones ever gotten it
to work or I'm not giving enough information?

Open to any suggestions at all??

Jim Williams wrote:

> Greetings all, I hope someone can assist me with this issue.
>
> First off, this is what we are trying to accomplish. We have an Exchange
> 2000 Machine behind a firewall and a Squid/Sendmail box running on RedHat
> 7.1 in the DMZ area. The firewall transparently redirects ports 25 and
> 80 to
> the Exchange Server. Sendmail is currently accepting mail for this domain
> and redirecting it through the firewall to the Exch box. The Squid service
> is acting as a proxy cache for all users on the inside going to the
> Internet. The third request was for the machine to also do a "reverse
> proxy"
> so that when someone hits port 80 on the Squid server it redirects the
> connection to the FW/Exch port 80 so they can get to the WebMail interface.
>
> All of this appears to be working with one major hiccup. After I get past
> the Exch.2000's Basic Authentication password, the first reply is a
> "Document Moved" http response. The sequence is as follows:
> 1. Browser connects to Squid and requests http://squid.ip.com/Exchange
> 2. Squid uses httpd_accel and redirects request to
> http://firewall.ip.com/Exchange
> 3. Firewall transparently redirects this request to the Exchange box.
> 4. Exchange replies "Document Moved to http://firewall.ip.com/Exchange"5.
> HTTP response gets passed all the way back to client browser.
> 6. Browser attempts to open http://firewall.ip.com/Exchange directly and is
> denied because all requests must come through the Squid machine.
>
> If I change squid.conf to forward based on IP or HostName the "Document
> Moved" reply matches so it seems that they are automatically generating the
> response based on the HTTP hearders of the initial request. I have tried
> everything I can think of for a way to get around this but with no luck so
> far. I ended up having to do packet capture and analysis with tcpdump to
> even figure out this much of what is happening. Any suggestions???
>
> I thank you all in advance for your help.
>

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Jim Williams
President - General Manager
Linux-Class.com
phone:214.557.3626 fax:347.521.9891
Break Out of the Windows Box!
Explore the possibilities of Open Source Software.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Received on Mon Dec 03 2001 - 18:55:18 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:10 MST