Config:
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl allowed_hosts src CLIENT.EXTERNAL.IP01/255.255.255.255 CLIENT.EXTERNAL.IP02/255.255.255.255 SERVER.EXTERNAL.IP01/255.255.255.255
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow allowed_hosts
http_access allow localhost
http_access deny all
icp_access allow localhost
icp_access allow allowed_hosts
icp_access deny all
http_port SERVER.EXTERNAL.IP01:3128
http_port SERVER.EXTERNAL.IP02:3128
acl ip01 myip SERVER.EXTERNAL.IP01
acl ip02 myip SERVER.EXTERNAL.IP02
tcp_outgoing_address SERVER.EXTERNAL.IP01 ip01
tcp_outgoing_address SERVER.EXTERNAL.IP02 ip02
hierarchy_stoplist cgi-bin ?
access_log c:/squid/var/logs/access.log squid
#Suggested default:
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
server_persistent_connections off
forwarded_for off
--
Thanks for the help,
Mike
----- Original Message ----
> From: Amos Jeffries <squid3@xxxxxxxxxxxxx>
> To: Michael Johnston <mikej84@xxxxxxxxx>
> Cc: Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx>; squid-users@xxxxxxxxxxxxxxx
> Sent: Tuesday, July 8, 2008 11:55:14 PM
> Subject: Re: https pages
>
> > I'm sorry for the delay in my response. I am using Windows Firewall on the
> > Squid machine, and have added port 443 to the exceptions. I have even
> > tried disabling the firewall and HTTPS still fails, and I get the same in
> > the access.log.
> > I should also mention that I have tried accessing HTTPS pages using the
> > proxy from the proxy server itself. This does work as expected, but HTTPS
> > from other machines connecting to the proxy server still fail. Does this
> > suggest that the problem is with Squid or elsewhere?
> > Oh, and I guess I should also mention that I'm now using 2.7.STABLE3
> > (standard).
> > Thanks in advance for any help.
>
> Ah, Windows Firewall. I'll refrain from stating my true feelings about
> that 'smart' firewall. Failure without the WFW even on shows its somewhere
> else. Maybe in multiple failure points.
>
> What was your squid config again?
>
> Amos
>
>
> >
> > ----- Original Message ----
> >> From: Henrik Nordstrom
> >> To: Michael Johnston
> >> Cc: Squid Users
> >> Sent: Monday, June 9, 2008 10:56:28 AM
> >> Subject: Re: https pages
> >>
> >> On mån, 2008-06-09 at 05:21 -0700, Michael Johnston wrote:
> >> > When I disabled the "friendly error messages" option in IE, the
> >> message was
> >> the same: "Internet Explorer cannot display the webpage"
> >> > And in Netscape, I get an alert saying: "The document contains no
> >> data"
> >> >
> >> > > Anything in Squid access.log?
> >> > >
> >> > This is what shows up in the access log:
> >> > 1213013343.566 CLIENT.EXTERNAL.IP TCP_MISS/200 39 CONNECT
> >> www.google.com:443 - DIRECT/72.14.205.104 -
> >> > 1213013984.055 CLIENT.EXTERNAL.IP TCP_MISS/200 39 CONNECT
> >> www.yahoo.com:443 - DIRECT/209.191.93.52 -
> >>
> >> Do your firewall allow the Squid server to go out on port 443?
> >>
> >> Regards
> >> Henrik
> >
> >
> >
> >
> >
