G'day, I'd start by grabbing tcpdump/ethereal/wireshark and sniffing the traffic on the Squid-2.5 and Squid-2.6 servers. Remember to snapshot the entire packet with tcpdump (-s 1518) if you want to use tcpdump to capture a pcap file that you can then read in ethereal/wireshark on another box. Enabling the header logging in Squid may help too (log_mime_hdrs on) but its not always that helpful for debugging authentication issues. Then compare the request and reply headers from both Squid-2.5 and Squid-2.6 to see what sort of differences you see. If there aren't any differences (ie, the origin server gets -exactly- the same request and returns -exactly- the same reply) then there's something stranger going on. Take all of this info, whack it in a bugzilla report (http://bugs.squid-cache.org/) and wait for a volunteer to help. :0 Adrian On Fri, Mar 14, 2008, NOCTECH noctech wrote: > Having a rather difficult to fathom problem with a user logging into > some external Outlook WebAccess webmail server. I've read a bunch of > posts about the problems with NTLM and Squid <= 2.5, but this one is > stumping me. > > A little bit about our setup -- using multiple squid and dg boxes and a > WCCP router to transparently cache/filter the web. > > Most of our squid caches are 2.6, but we still have two remaining that > are version 2.5 that we're phasing out. The odd thing is, the login > seems to work correctly with squid 2.5 and incorrectly with 2.6, which > is exactly backwards of what I expect. When I proxy directly to one of > the squid 2.6 boxes, specifically: > > Squid Cache: Version 2.6.STABLE18 > configure options: '--prefix=/usr' '--sysconfdir=/etc/squid' > '--bindir=/usr/sbin' '--sbindir=/usr/sbin' '--localstatedir=/var' > '--libexecdir=/usr/sbin' '--datadir=/usr/share/squid' > '--mandir=/usr/share/man' '--with-maxfd=4096' '--disable-useragent-log' > '--enable-ssl' '--with-openssl' '--disable-ident-lookups' > '--enable-poll' '--enable-truncate' '--enable-gnuregex' > '--enable-async-io' '--with-pthreads' '--with-aio' '--with-dl' > '--enable-storeio=aufs,diskd,ufs,coss,null' > '--enable-removal-policies=heap,lru' '--enable-kill-parent-hack' > '--enable-forw-via-db' '--enable-linux-netfilter' '--enable-underscores' > '--enable-x-accelerator-vary' > > I get a login box (in firefox) that reads: > Enter username and password for "" at http://mail.example.com > > When I put in the credentials and click OK, the box just keeps coming > back. When I click cancel, I get a different login box: > Enter username and password for "mail.example.com" at > http://mail.example.com > > and the login works. > > If I proxy directly to one of the 2.5 boxes: > Squid Cache: Version 2.5.STABLE4 > configure options: --disable-useragent-log --enable-ssl --with-openssl > --disable-ident-lookups --enable-poll --enable-truncate > --enable-gnuregex --enable-async-io --with-pthreads --with-aio --with-dl > --enable-storeio=aufs,diskd,ufs,coss,null > --enable-removal-policies=heap,lru --enable-kill-parent-hack > --enable-forw-via-db --enable-linux-netfilter --enable-underscores > --enable-x-accelerator-vary > > It goes directly to the second login box. > > Any thoughts? Any information I can provide to be helpful? > > Sean > > > -- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -