RE: [squid-users] Squid with upstream proxy and SSL.

From: Michael Dent <mike@dont-contact.us>
Date: Mon, 6 Jan 2003 07:55:53 -0000

Yes port 443 is blocked just after squid A, the only route is to send it
via the squid proxies.

Mike

-----Original Message-----
From: Ricardo Garin Jr. [mailto:r.garin@wecare.com.ph]
Sent: 06 January 2003 06:52
To: squid-users@squid-cache.org
Subject: Re: [squid-users] Squid with upstream proxy and SSL.

check any firewall settings of your [squid A], it might be blocking port

443.

> Michael Dent wrote:
>
>>Hi,
>>
>>I've had a read through the archives but cannot see a fix for the
>>exact problem I am having.
>>
>>Here is the setup:-
>>
>>[LAN]--->[Squid A]--->[Squid B]--->[Internet]
>>
>>I can access HTTP sites fine from the LAN. PC's on the LAN are set to
>>use Squid A as proxy for all (web) protocols.
>>
>>HTTPS sites cause problems, usually they return a message saying the
>>session has timed out.
>>
>>I have [Squid A] setup to use [Squid B] as its parent.
>>
>>Some lines from Squid A config file:
>>
>>acl all src 0.0.0.0/0.0.0.0
>>acl local-servers dst 192.168.1.0/255.255.255.0
>>never_direct allow all
>>always_direct allow local-servers
>>prefer_direct off
>>
>>I must use [Squid B] to access SSL sites, I cannot bypass it.
>
>
>
> Looks correct.
>
> What do you get in access.log?
>
> Regards
> Henrik

-- 
virtually yours,
jun
Ricardo P. Garin jr.
Information and Security Solutions Group (ISSG)
3/F Wesolv Open Computing, Inc.
Fujitsu House
Tel.#: 893.71.55 loc. 1385 & 1383
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~
"Email, voice mail, fax, pagers, PDA, SMS, ... so many ways to ignore 
people."
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~
Received on Mon Jan 06 2003 - 00:55:55 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:28 MST