Search squid archive

Re: WCCPv2 and HTTPS problems

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Dalibor,

Dalibor Dukic wrote:
On Wed, 2007-11-07 at 17:15 +0545, Tek Bahadur Limbu wrote:
Hi Adrian,

Adrian Chadd wrote:
On Wed, Nov 07, 2007, Hemant Raj Chhetri wrote:

Hi Adrian,
I am also facing the same problem with https sites. Yahoo works fine with me but I am having problem with hotmail. Please advice me on how do I handle this or is there any guide which I can refer to.
I don't know of an easy way to handle this, I'm sorry. I know how I'd handle
it in Squid-2.6 but it'd require a couple weeks of work and another few weeks
of testing.
I have 2 FreeBSD-6.2 transparent Squid proxies using WCCP2 with a Cisco 3620 router. Up till now, I am not facing any HTTPS problem. At least, nobody is complaining about Hotmail and Yahoo web mail services.

Are clients on private address space? If You NATed clients and squid on
same address web server see just one address.

My clients are all using public IP addresses.


(Considering how much of a problem this has caused people in the past I'm
surprised a solution hasn't been contributed back to the project..)
Maybe, the solution lies on the setup of the Operating System, Squid and Router itself.

I don't think so. HTTPS request are not forwarded to squid box in
web-cache service group only port HTTP.

Yes I know that Squid does not handle HTTPS requests which leads to another question. If HTTPS does not go through Squid, then does WCCP see them or how does WCCP handle them if at all?

We all know since the beginning when we started learning and using Squid that intercepting or transparent proxy servers will cause some problems down the way. In fact, all softwares will cause some problems. Maybe this is one of the problems.

In fact, I had been facing this Hotmail and Yahoo HTTPS problem with Squid-2.5 in the past. I can't remember exactly how I got it solved. On one occasion, routing solved the problem and in another case, a firewall modification solved the problem.

Maybe the problem still exists now but somehow it has not caught my attention for which I am happy :)

But sooner or later, I'm sure this problem will again pop up on my proxies too and users will be banging my phone! I guess somebody or one of us on this list has to do some really complete analysis and study using whatever tools is required to solve this problem once and for all.


Thanking you...




Thanking you...




Adrian








--

With best regards and good wishes,

Yours sincerely,

Tek Bahadur Limbu

System Administrator

(TAG/TDG Group)
Jwl Systems Department

Worldlink Communications Pvt. Ltd.

Jawalakhel, Nepal

http://www.wlink.com.np

http://teklimbu.wordpress.com

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux