tis 2007-05-01 klockan 23:41 +0100 skrev Gareth Edmondson:
> Thanks for the advice here. I read about this name= option earlier in
> the archives - but I got the impression from previous posters that it
> was in version 3 of squid and not the stable version that ships with
> Debian Etch. The stable version is 2.6.5-6.
It's in 2.6 and later.
> cache_peer_access sslproxy allow CONNECT
> cache_peer_access sslproxy deny all
> cache_peer_access <original upstream name> deny CONNECT
> cache_peer_access <original upstream name> allow all
>
> I'm not sure they are in the right order.
Looks fine.
order of cache_peer_access is important, but only per peer. The order of
the peers is not important.
> >> Everything seems to be working. However when we try and connect to the
> >> 443 website it challenges us again for the AD username and password.
> >> Upon entering this the browser challenges us again and again and again -
> >> simply not letting us through.
One more thing, have you added trust between Squid and the peer for
forwarding of proxy authentication? See the login option to cache_peer.
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:04 MDT