On 01/02/2011, at 12:50 AM, Chad Naugle wrote: > Is the cache_peer parent, also 3.1.10 or another type of proxy? > This is running in a test environment so I have tried a few different parents but the result is always the same. I have tried squid-3.0.STABLE19, squid-3.1.10 and ISA2006 as the parents. >>>> Michael Hendrie <michael@xxxxxxxxxxxxx> 1/31/2011 12:50 AM >>> > Hello List, > > I need to use a version with connection pinning and was hoping to use > 3.1.10 but I've run into a problem using a cache_peer that requires NTLM > authentication. In my tests I'm able to get 3 authenticated requests > through the parent (access.log on parent shows they have been > authenticated) before the client starts to receive a pop-up to enter > credentials. In the test, child and parent are on the same LAN segment > so there is nothing in between doing any port translations, etc. > > The relevant parts of my config: > > cache_peer 172.16.50.45 parent 8080 0 no-query proxy-only default > login=PASS > never_direct allow all > persistent_connection_after_error on > > I have also tried adding "connection-auth=on" to both the cache_peer > and http_port directives but this hasn't helped the situation. > > Testing with squid-2.7STABLE9 doesn't show the above issue, connection > pinning seems to work perfectly to the parent proxy. I have also tried > 3.1.9 and 3.1.8 in case it was something that was unexpectedly > introduced in the latest version but they fail also. > > I should point out that in my tests using 3.1.x talking to an origin > server requiring NTLM works perfectly, only to a cache_peer fails. > > Does anyone have any ideas as to why this is failing, or a 3.1.x > talking to an NTLM parent and if so could you please share your exact > 3.1.x version and relevant config. > > Thanks > Mick > > > > > > Travel Impressions made the following annotations > ------------------------------------------------------------- > "This message and any attachments are solely for the intended recipient > and may contain confidential or privileged information. If you are not > the intended recipient, any disclosure, copying, use, or distribution of > the information included in this message and any attachments is > prohibited. If you have received this communication in error, please > notify us by reply e-mail and immediately and permanently delete this > message and any attachments. > Thank you."