Alan Lehman wrote:
Try some of the settings to disable pass-thru on the specific
ports
and/or peer:
http://wiki.squid-cache.org/Features/ConnPin
My config pretty much follows the wiki example for OWA accelerator.
Squid 3.1.0.3. I'm using the same port for OWA and Activesync. I
just
added connection-auth=off on https_port and removed all auth_param
lines, and that took care of my problem.
Before I go recommending this as a general fix in 3.1, are BOTH of
those
changes needed for it to work?
I know there are people using Squid+OWA in multi-mode who may need
auth
for other things. Can we get away with just "connection-auth=off" on
the
port?
Amos
The auth_param lines don't seem to make any difference. It works for
me with them in.
Great. I'll get the wiki updated.
Thanks for your help finding this and testing the solution.
That's terrific that it works, but I'm not sure I understand why. Does "connection-auth=off" disable pass-through of NTLM? My understanding of the Activesync devices is that they require NTLM.
Yes it disables pass-thru for NTLM.
Which for you blocks that first NTLM challenge (direct from the OWA?),
and leaves the second (from your Squid auth_* setup?) to go through.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE5 or 3.0.STABLE11
Current Beta Squid 3.1.0.3
