Hi
I have this setup:
INTERNET ---- OTHERPROXY_SQUID25 ---- OTHER_LAN + MYPROXY_SQUID2.6 ---- MYLAN
OTHERPROXY does not allow https out except via the proxy, and
all the NAT'ed OTHER_LAN have proxies set non-transparently.
MYPROXY is on OTHER_LAN and peers to OTHERPROXY, and is
transparent for (again NAT'ed) MYLAN.
MYPROXY has this facing MYLAN:
http_port 10.0.0.1:3128 transparent
never_direct allow all
with port 80 redirected to port 3128 by iptables.
Since OTHERPROXY recently firewall-blocked 443 except
via proxy, MYLAN does not get HTTPS. I got OTHERPROXY
to allow https, then MYLAN has https access again. This is
a temporary solution. Neither adding in squid.conf
http_port 10.0.0.1:443 transparent
nor redirecting 443 to 3128 with iptables allows MYLAN to
use https though. I have the usual http_access deny CONNECT !SSL_ports
in MYPROXY, and if I set the proxy manually in MYLAN, I have https
access. However, not all of MYLAN can set the proxy manually, it is
too dynamic.
Is there another way? Should either of above be working?
regards,
Jan
-- .~. /V\ Jan Groenewald /( )\ www.aims.ac.za ^^-^^Received on Sat Jun 23 2007 - 07:53:00 MDT
This archive was generated by hypermail pre-2.1.9 : Sun Jul 01 2007 - 12:00:04 MDT