Re: [squid-users] Reverse Proxy

From: Mark Elsen <mark.elsen@dont-contact.us>
Date: Wed, 11 Jan 2006 22:56:19 +0100

> Hi,
>
> I am trying to setup Squid for the first time to sit in the DMZ of our network, and act as a reverse proxy to a Windows IIS server on the internal network.
>
> The internal web server uses Windows username/password to authenticate users. This all works well for internal users, but if I try to access it from the Internet, I get the browsers login dialog box. Entering the username/password, and clicking on OK, simply brings the login box back again.
>
> Below is my squid.conf, and attached is the access.log file. I have Redhat Linux 9, with Squid version 2.5-STABLE1-2 installed.
>
> icp_port 0
> http_port 10.0.9.2:80
> cache_effective_user squid
> cache_effective_group squid
>
> acl QUERY urlpath_regex cgi-bin \?
> acl all src 0.0.0.0/0.0.0.0
> acl localhost src 127.0.0.1/255.255.255.255
> acl http_ports port 80
> acl asbestos dst 10.0.3.18/255.255.255.255
> acl CONNECT method CONNECT
>
> http_access allow localhost
> http_access allow CONNECT all asbestos http_ports
> http_access allow all
>
> httpd_accel_port 80
> httpd_accel_host 10.0.3.18
> httpd_accel_single_host on
> httpd_accel_with_proxy off
> httpd_accel_uses_host_header on
>
>

 - Do not use the ntlm auth scheme on the IIS. This protocol is not
http-proxyable
   or acceleratable.

 M.
Received on Wed Jan 11 2006 - 14:56:23 MST

This archive was generated by hypermail pre-2.1.9 : Wed Feb 01 2006 - 12:00:01 MST