Yeap I can ping the intranet server. I can also use lynx on the squid
box to view the intranet. It seems it can access the local webserver
content. Just people using the squid as proxy can't.
Well basically I got a firewall/gateway 192.168.12.0. A watchguard
firebox. It does the NAT. The internal web servers are intranet
192.168.12.5 and primavera which is 192.168.12.14. I'm also setting up
knowledge tree that runs of box 192.168.12.13 however that maybe dynamic
content so squid problably should cache it much. Well my firewall lets
all LAN (trusted) do everything (ALL) to anything (ANY) on the trusted
networks. The firewall should be an issue.
As a first step, all I want to do is have someone that uses squid be
able to access my intranet server without having to key in the intranet
into the proxy exception list.
Hope this sheds some light on my problem. Thanks!
Lazuardi Nasution wrote:
Can you ping your internal web server from your Squid ? Your network
topology is helpful.
-----Original Message-----
From: Anwar Ahmad [mailto:anwar.ahmad@xxxxxxxxxxxx]
Sent: Monday, October 24, 2005 3:25 PM
To: mrxlazuardin@xxxxxxxxxxxx
Cc: squidusers
Subject: Re: Cache LAN and VLAN webservers
I've tried doing a host command namely "host intranet" and I get a correct
response. I even tried installing lynx on it and broswing my intranet server
and it works. However squid it self cannot seem to cache these servers.
I read that squid has some sort of dns client of some sort; is there some
configuration wrong there?
I know that my DNS server works since we can access the intranet server
directly without any problems... This only happens when I configure the
proxy. I'm thinking it might be a configuration thing.
Lazuardi Nasution wrote:
I think there is DNS problem on your internal network.
-----Original Message-----
From: Anwar Ahmad [mailto:anwar.ahmad@xxxxxxxxxxxx]
Sent: Monday, October 24, 2005 2:57 PM
To: squidusers
Subject: Cache LAN and VLAN webservers
Hi All,
I was wondering whether it is possible to cache local LAN & DMZ servers...
and have them accessible to VLAN computers.
Basically I my LAN is 192.168.12.0 and the squidbox has an IP from this
subnet. Basically I want to cache our webserver thats on the LAN (same
subnet) and DMZ (192.168.5.0). This will then be used by those who are
connected to our VLAN on the 172.21.100.0 subnet.
Currently squid can't cache servers. When I set my browser to
192.168.128.5 (our intranet server) I get an error It can't locate the
server. It seems to only cache external web (internet). I've read how
you're supposed to set direct_access for local server but lets say I
want to cache local servers. How do I do this. I pasted my squid.conf
below. I haven't really changed much as I'm not too sure about which
line needs to be changed.
Any help is greatly appreciated.
Thanks!
-------
#squid.conf
http_port 3128
cache_dir ufs /u01/squid 8000 16 256
cache_effective_group proxy
cache_effective_group proxy
acl our_networks src 192.168.12.0/24
http_access allow our_networks
ftp_user squid@xxxxxxxxxxxx
cache_access_log none
cache_store_log none
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_access_log /var/log/squid/access.log cache_log
/var/log/squid/cache.log hosts_file /etc/hosts
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst
127.0.0.0/8 acl purge method PURGE acl CONNECT method CONNECT
http_access allow manager localhost http_access deny manager
http_access allow purge localhost http_access deny purge http_access
deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow
localhost http_reply_access allow all icp_access allow all cache_mgr
anwar.ahmad@xxxxxxxxxxxx httpd_accel_port 80 coredump_dir
/var/spool/squid
