Thank you Henrik,
Yes I agree as I stated in a reply to Amos this is not an ideal or a good design but I need to make it work.
I do have SQUID configured as forward proxy but I think I need to setup some routing policy (iptables) to make everything go directly through our servers as they are acting like a proxy but not a caching proxy and can not handle CONNECT method.
Any ideas would be greatly appreciated and I have looked and tried the Config example in the FAQ & WIki on squid-cache.org.
best regards,
Guin
----- Original Message ----
From: Henrik Nordström <henrik@xxxxxxxxxxxxxxxxxxx>
To: Quin Guin <quinguin@xxxxxxxxx>
Cc: squid-users@xxxxxxxxxxxxxxx
Sent: Sat, May 15, 2010 3:17:57 AM
Subject: Re: http CONNECT method with fwd proxy to content server on same subnet
fre 2010-05-14 klockan 07:17 -0700 skrev Quin Guin:
> I have a remote server sending a HTTP CONNECT to my server but my
> server can't handle an HTTP CONNECT. So I wanted to use squid to
> handle the CONNECT method and then send the https requests to my local
> server to handle the request. I know that a transparent proxy doesn't
> know how to handle the SSL requests because is not operating as a
> normal proxy. So I have been using squid as a fwd proxy but it keeps
> sending the http CONNECT method to my end server which is causing
> issues. So I am asking for ideas on what I need to do to look at do
> this. I have tried various iptables rules and cache_peers but nothing
> is seeming to work I am using pretty much the default config except
> for my local network IPs and ACL to allow the traffic.
You should not require anything special. Just Squid configured as a
plain proxy and allowing this remote server to access it.
Note that you SHOULD NOT configure Squid as a reverse proxy. CONNECT is
a proxy method.
But as amos mentioned, why is that remote server sending your CONNECT
requests in the first place? Probably better to address the problem
there.
Regards
Henrik
