Hi Everyone
Is anyone out there using Squid as a reverse proxy secure gateway for an
Outlook Web Access Exchange 2003 server?
I have as follows
USER----- (SSLTunnel )-----> SQUID-----(No SSL)----->Exchange 2003
Everything in OWA works perfectly through this SSL gateway, that is all
except the new Exchange 2003 Spell check feature. (When not connecting
through a proxy Spell Check works fine and yes, plain text auth on the
relevant IIS virtual directories is enabled to enable auth requests to
be proxied as NTLM is not proxyable.)
Interestingly I don't think it has anything to do with using Squid in a
reverse configuration as I tested several other randomly selected recent
Stable versions of Squid in a highly default FORWARD proxy mode and all
exhibited the same behaviour.
It looks to be like something in the IIS-->IE browser is not Kosher in
terms of RFC, which perhaps causes Squid to trip over.
Logs give no clear indication, either on the IIS or Squid. The last
entry that you see when trying to spell check through Squid is:
10.0.0.2 - - [03/Sep/2004:19:03:38 +1000] "POST
http://foobar.com/exchweb/bin/spell/owaspell.dll HTTP/1.1" 200 356
TCP_MISS:DEFAULT_PARENT
I have a ticket open with MS who are investigating whether they are
indeed RFC compliant in this area, however this is not likely to produce
anything fruitful and I am expecting the MS solution to be "Install MS
ISA Server!!" Yeah, right!
Has anyone else seen the same behaviour and if so, found a workaround?
If this is a common problem across many versions I can foresee this to
be a growing issue as the uptake of Exchange 2003 increases.
I am using Squid 2.5 Stable 3 on RH 7.3
Thanks in advance,
Dave H
Received on Tue Sep 07 2004 - 18:01:53 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Oct 01 2004 - 12:00:02 MDT