Hi Hashani,
I do understand why https connections on some machines fail through squid.
Shouldn't the acl do the work-around for that ?? I've put acl to not cache
hotmail dstdomain. Same configuration has been working with our Redhat
Linux Cache server.
Besides, Since we have our Cache servers connected to the edge router and
we have our clients who use routable IPs, NATing outside the interception
is out of question. About the second option, Is there a way to deny
interception of domain names via ACL in cisco routers ??
Thanks
Manoj
On Sun, 31 Jul 2005, Valton Hashani wrote:
>
> Hi,
> http://geocities.com/tukapr/slbtranscache.html
>
> Before, my network setup was like you see it in the web page. Thats why I
> used Cisco SLB, but now I have different setup and I use WCCP with cisco
> 7200 router for loadbalancing and dosens of transparent cache servers on
> Linux Gentoo machines.
> Here are described the reasons why sometime https requests fails. I hope it
> will help you.
>
>
>
>
> ----- Original Message -----
> From: "Manoj Rajkarnikar" <rajkarnikar@dns1.vianet.com.np>
> To: <squid-users@squid-cache.org>
> Sent: Sunday, July 31, 2005 4:56 PM
> Subject: [squid-users] Hotmail Login problem with Freebsd + wccpv1 + squid
> 2.5-stable10
>
>
> > Hi all
> >
> > I've been looking at this problem and going through the lists for 2 days
> > now and still haven't managed to find a solution.
> >
> > I've setup Squid 2.5-stable10 with Tos_Hit.patch from
> > http://www.it-academy.bg/zph/ It compiled fine from port. Everything works
> > fine except loging in to the hotmail, opening mailbox in yahoomail and
> > loging in to mail.com. Using direct proxy in browser works fine.
> >
> > I've used acl to deny caching of the hotmail domains too.
> >
> > configs:
> >
> > http_port 3128
> > acl hotmail_domains dstdomain .hotmail.msn.com
> > httpd_accel_port 80
> > httpd_accel_host virtual
> > httpd_accel_with_proxy on
> > httpd_accel_uses_host_header on
> > header_access Accept-Encoding deny hotmail_domains
> >
> > bal WCCP information:
> > Router information:
> > Router Identifier: 10.20.30.40
> > Protocol Version: 1.0
> >
> > Service Identifier: web-cache
> > Number of Cache Engines: 1
> > Number of routers: 1
> > Total Packets Redirected: 152593
> > Redirect access-list: my-cache
> > Total Packets Denied Redirect: 23662496
> > Total Packets Unassigned: 33
> > Group access-list: -none-
> > Total Messages Denied to Group: 0
> > Total Authentication failures: 0
> >
> > There is no firewall between the cache and the internet. Please help.
> >
> > Thanks
> > Manoj Rajkarnikar
> >
> >
>
Received on Mon Aug 01 2005 - 01:22:37 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Sep 01 2005 - 12:00:01 MDT