Any firewall rules in place upstream from the squid proxy?
On 4/19/06, Rodrigo Barros <rbarros@procomp.com.br> wrote:
> The web site is www.equifax.com.br , but the problem only happens after
> I authenticate in the site and try to access an specific url
> (https://novoequifaxpessoal.equifax.com.br/PessoalPlusWeb/login.jsp).
>
> The result is always the same:
>
> novoequifaxpessoal.equifax.com.br:443
>
> (60) Connection timed out</
>
> Here's what is shown in the access.log file:
>
> 1145466458.378 445 XX.XXX.XX.XX TCP_DENIED/407 1901 CONNECT
> novoequifaxpessoal.equifax.com.br:443 - NONE/- text/html
> 1145466459.524 591 XX.XXX.XX.XX TCP_DENIED/407 2089 CONNECT
> novoequifaxpessoal.equifax.com.br:443 - NONE/- text/html
> 1145466465.724 6200 XX.XXX.XX.XX TCP_MISS/200 4441 CONNECT
> novoequifaxpessoal.equifax.com.br:443 XXX\barrosr DIRECT/200.142.202.182
> -
> 1145466465.770 2 XX.XXX.XX.XX TCP_DENIED/407 1901 CONNECT
> novoequifaxpessoal.equifax.com.br:443 - NONE/- text/html
> 1145466465.783 9 XX.XXX.XX.XX TCP_DENIED/407 2089 CONNECT
> novoequifaxpessoal.equifax.com.br:443 - NONE/- text/html
> 1145466465.999 215 XX.XXX.XX.XX TCP_MISS/200 3576 CONNECT
> novoequifaxpessoal.equifax.com.br:443 XXX\barrosr DIRECT/200.142.202.182
> -
> 1145466466.078 19 XX.XXX.XX.XX TCP_DENIED/407 1901 CONNECT
> novoequifaxpessoal.equifax.com.br:443 - NONE/- text/html
> 1145466466.109 22 XX.XXX.XX.XX TCP_DENIED/407 2089 CONNECT
> novoequifaxpessoal.equifax.com.br:443 - NONE/- text/html
> 1145466466.316 202 XX.XXX.XX.XX TCP_MISS/200 3587 CONNECT
> novoequifaxpessoal.equifax.com.br:443 XXX\barrosr DIRECT/200.142.202.182
> -
> 1145466466.323 2 XX.XXX.XX.XX TCP_DENIED/407 1901 CONNECT
> novoequifaxpessoal.equifax.com.br:443 - NONE/- text/html
> 1145466466.334 7 XX.XXX.XX.XX TCP_DENIED/407 2089 CONNECT
> novoequifaxpessoal.equifax.com.br:443 - NONE/- text/html
> 1145466526.011 59676 XX.XXX.XX.XX TCP_MISS/503 0 CONNECT
> novoequifaxpessoal.equifax.com.br:443 XXX\barrosr DIRECT/200.142.202.182
> -
>
> After the last TCP_MISS/503 I got the (60) timeout message.
>
> Here's what it's shown in cache.log:
>
> [2006/04/19 14:06:04, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(606)
> Got user=[barrosr] domain=[XXX] workstation=[XXX] len1=24 len2=24
> [2006/04/19 14:06:04, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319)
> NTLMSSP Sign/Seal - Initialising with flags:
> [2006/04/19 14:06:04, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
> Got NTLMSSP neg_flags=0x20088215
>
>
> Is there anythign else I can provide ?
>
> Thanks,
>
> Rodrigo
>
>
> -----Original Message-----
> From: Mark Elsen [mailto:mark.elsen@gmail.com]
> Sent: Wednesday, April 19, 2006 1:32 AM
> To: Rodrigo Barros
> Cc: squid-users@squid-cache.org
> Subject: Re: [squid-users] HTTPS Web SITE TIMEOUT
>
> > Hi All,
> >
> > I've been searching google for a while and couldn't find a solution
> > for my problem, so if this has already been posted here sorry.
> >
> > I'm running Squid 2.5.10 with ntlm authentication, and I have this ssl
>
> > web site that does not connect. The only error message I get is (60)
> > Connection timed out .
> >
> > If I bypass the proxy and go straight to the web site, I can
> > succesfully access the resource. Any ideas?
> >
>
> - What's the URL of the site ?
> - access.log entry when this is tried ?
>
> - Anything further in cache.log ?
>
> M.
>
>
>
Received on Wed Apr 19 2006 - 18:06:14 MDT
This archive was generated by hypermail pre-2.1.9 : Mon May 01 2006 - 12:00:02 MDT