Re: [squid-users] cache_peer - multiple ones

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Wed, 02 May 2007 01:34:15 +0200

tis 2007-05-01 klockan 23:41 +0100 skrev Gareth Edmondson:

> Thanks for the advice here. I read about this name= option earlier in
> the archives - but I got the impression from previous posters that it
> was in version 3 of squid and not the stable version that ships with
> Debian Etch. The stable version is 2.6.5-6.

It's in 2.6 and later.

> cache_peer_access sslproxy allow CONNECT
> cache_peer_access sslproxy deny all
> cache_peer_access <original upstream name> deny CONNECT
> cache_peer_access <original upstream name> allow all
>
> I'm not sure they are in the right order.

Looks fine.

order of cache_peer_access is important, but only per peer. The order of
the peers is not important.

> >> Everything seems to be working. However when we try and connect to the
> >> 443 website it challenges us again for the AD username and password.
> >> Upon entering this the browser challenges us again and again and again -
> >> simply not letting us through.

One more thing, have you added trust between Squid and the peer for
forwarding of proxy authentication? See the login option to cache_peer.

Regards
Henrik

Received on Tue May 01 2007 - 17:34:20 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:04 MDT