On 04/10/10 20:24, Jake Hawkes wrote:
Can anyone help me with this?
Am I missing something obvious?
On Thu, Sep 30, 2010 at 11:09 AM, Jake Hawkes<jakehawkes@xxxxxxxxxxxx> wrote:
Hello,
I am running Squid 2.7.STABLE8 on Windows XP. I am primarily doing
<snip>
It all falls down with HTTPS however.
I honestly can't remember if this has ever worked, (I seem to think it
did) but now I am completely stumped.
I have checked the windows firewall, and it is off.
I have downloaded the SSL package from acme, and there is no
difference in the behaviour.
K. Thats the build you need to be using.
The SSL connections from the browser timeout. Chome reports "Waiting
for proxy tunnel" in the status bar, and then fails with this error:
Error 111 (net::ERR_TUNNEL_CONNECTION_FAILED): Unknown error.
The network underneath squid is blocking the port 443 connections.
Browser gets the Squid fine, Squid locates the destination okay and
starts connecting, then that TCP error #111.
Apparently this is an error produced by the GSE (google web server).
Though I have no way to verify that claim.
<snip>
30/Sep/2010:10:43:46,127.0.0.1, mail.google.com:443, TCP_MISS/000, 0
> 30/Sep/2010:10:48:01,127.0.0.1, www.dropbox.com:443, TCP_MISS/504, 0
>
The 000 indicates Squid tried to fetch but got no data back except a
forced close packet from the remote end.
The second is the same with a Squid timeout being reached instead of a
forced-close packet.
Some educated guesses would be
SSL version(s) built into Squid are not supported by the remote end
(you are screwed).
Network troubles going through some device to port 443 (test with a
non-proxied connection attempt).
TCP window scaling, ECN, or PMTU issues (test with tcp ping packets of
various sizes and see if any sizes cause hanging).
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.8
Beta testers wanted for 3.2.0.2
