Joseph L. Casale wrote:
I am running squid-2.6.STABLE6-5.el5_1.3 on CentOS 5 with ntlm auth
and all our mail and banking ssl sites are functioning except one
site, messaging.covisint.com:443 that we do EDI with. I am getting:
192.168.0.146 TCP_DENIED/407 1859 CONNECT messaging.covisint.com:443 - NONE/- text/html
in the access.log.
I am reading http://squid.sourceforge.net/ntlm/client_proxy_protocol.html
and I assume this is more to do with how the client application was coded,
possibly it is not smart enough to retry enough times?
Is there something from within Squid I can do rather than bypass the
site in ie's proxy settings (which allow this application to function)
as client side direct access to the net will soon be removed? maybe a
rule for access to this url to not require auth and go straight to it?
Thanks,
jlc
Add this before the line that requires auth:
acl covisint dstdomain messaging.covisint.com
http_access allow CONNECT localnet covisint
Assuming that you have the localnet (local network ranges) and CONNECT
acls defined already.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE5 or 3.0.STABLE10
Current Beta Squid 3.1.0.3 or 3.0.STABLE11-RC1
