Re: [squid-users] Reverse Proxy of OWA/Exchange 2000

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Sun, 22 Feb 2004 22:23:18 +0100 (CET)

On Sun, 22 Feb 2004, Eric Kahklen wrote:

> Yes there is a 3.0 package shipping with SuSE.

You seem to be right there.. not good.

That version is a very early beta release and not at all suitable for
production use, at least not according to the Squid developers.

> Is there an easy way to determine what policies were built into the 3.0
> package from SuSE? I am not sure what heap is, but if needed I will fix
> this before going live with the production server!!! Will this cause
> the server to not work properely? or is it just a security/performance
> issue?

To find what options a Squid-2.5 or later is compiled with all you need to
do is to run "squid -v". This will also tell you the exact version of
Squid used.

> So for defaultsite I would need something like
> defaultsite=owaserver.com/exchange vs. owaserver/exchange? and these
> entries added to the hosts file on the squid server since this points to
> the internal exchange server?? Also, these names should be different
> than the FQDN that hits the squid box? correct?

defaultside SHOULD be the official FQDN by which the clients requests this
OWA service, and MUST NOT include a path.

> vhost?? is this /etc/hosts? I haven't seen any reference in my research
> thus far on vhost, but I may just be to much of a novice I suppose. The
> only thing I see similar is the visible_hostname directive.

It is a http(s)_port option, documented in the squid.conf documentation
for the not yet released Squid-3.0 release.

> So would I just add the option "originserver" like this??
>
> cache_peer owaserver parent 80 0 proxy-only originserver front-end-https=on login=pass

Yes.

> I had a hard time finding what this did exactly and the sample config I was sent kept complaining about it.

From the squid.conf documentation from the upcoming Squid-3.0 release:

cache_peer ...

                     'originserver' causes this parent peer to be contacted as
                     a origin server. Meant to be used in accelerator setups.

http_port ... (and https_port)

           vhost Accelerator mode using Host header for virtual
                        domain support

Regards
Henrik
Received on Sun Feb 22 2004 - 14:23:24 MST

This archive was generated by hypermail pre-2.1.9 : Mon Mar 01 2004 - 12:00:03 MST