> Hi, > > I am trying to setup Squid for the first time to sit in the DMZ of our network, and act as a reverse proxy to a Windows IIS server on the internal network. > > The internal web server uses Windows username/password to authenticate users. This all works well for internal users, but if I try to access it from the Internet, I get the browsers login dialog box. Entering the username/password, and clicking on OK, simply brings the login box back again. > > Below is my squid.conf, and attached is the access.log file. I have Redhat Linux 9, with Squid version 2.5-STABLE1-2 installed. > > icp_port 0 > http_port 10.0.9.2:80 > cache_effective_user squid > cache_effective_group squid > > acl QUERY urlpath_regex cgi-bin \? > acl all src 0.0.0.0/0.0.0.0 > acl localhost src 127.0.0.1/255.255.255.255 > acl http_ports port 80 > acl asbestos dst 10.0.3.18/255.255.255.255 > acl CONNECT method CONNECT > > http_access allow localhost > http_access allow CONNECT all asbestos http_ports > http_access allow all > > httpd_accel_port 80 > httpd_accel_host 10.0.3.18 > httpd_accel_single_host on > httpd_accel_with_proxy off > httpd_accel_uses_host_header on > > - Do not use the ntlm auth scheme on the IIS. This protocol is not http-proxyable or acceleratable. M.
