Does anyone use Exchange-WebServices with squid ? > > >We have it up and running with squid 3.1.19 under freebsd with the following config-options, but it takes very long to establish the first connection. >When directly natting ews it's much faster. > > > > >https_port xxx.xxx.xxx.xxx:443 accel cert=/usr/local/etc/squid/4f50b44b67bf9.crt key=/usr/local/etc/squid/4f50b44b67bf9.key defaultsite=g1.xxx.de >cache_peer yyy.yyy.yyy.yyy parent 443 0 proxy-only no-query originserver login=PASS connection-auth=on ssl sslflags=DONT_VERIFY_PEER front-end-https=on name=OWA_HOST_pfs >acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/owa.*$ >acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/exchange.*$ >acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/public.*$ >acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/exchweb.*$ >acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/ecp.*$ >acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/OAB.*$ >acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/Microsoft-Server-ActiveSync.*$ >acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/rpc/rpcproxy.dll.*$ >acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/rpcwithcert/rpcproxy.dll.*$ >ignore_expect_100 on >acl OWA_URI_pfs url_regex -i ^https:// g1. xxx.de/EWS.*$ >cache_peer_access OWA_HOST_pfs allow OWA_URI_pfs >cache_peer_access OWA_HOST_pfs deny allsrc >never_direct allow OWA_URI_pfs >http_access allow OWA_URI_pfs > > >in the access.log we get the following errors > > >1331048055.562 6 207.46.14.63 TCP_MISS/401 312 POST https://g1.xxx.de/EWS/Exchange.asmx - FIRST_UP_PARENT/OWA_HOST_pfs - >1331048055.929 6 207.46.14.63 TCP_MISS/401 705 POST https://g1.xxx.de/EWS/Exchange.asmx - FIRST_UP_PARENT/OWA_HOST_pfs - >1331048056.186 138 207.46.14.63 TCP_MISS/200 1422 POST https://g1.xxx.de/EWS/Exchange.asmx - PINNED/OWA_HOST_pfs text/xml > > >Does anyone have any experiences or ideas ? > > >Regards, > > >martin Martin, For what it is worth, here is our config (3.1.18) - It is working fairly well for our needs. Just the same, if anyone has any input, we are open to suggestions. https_port ###.###.###.###:443 accel cert=/etc/squid/certs/multi.pem key=/etc/squid/certs/multi.key defaultsite=webmail.ourdomain.com cache_peer webmail.ourdomain.com parent 443 0 no-digest no-netdb-exchange connection-auth=on forceddomain=webmail.ourdomain.com no-query originserver login=PASS ssl name=owaServer sslcapath=/etc/squid/certs acl exch_url urlpath_regex -i (\/owa\/|\/public\/|\/exchweb\/|\/exchange\/) acl HTTPSOWA url_regex -i ^https://webmail.ourdomain.com/.*$ acl redirectOWA urlpath_regex ^/$ cache_peer_access owaServer allow exch_url cache_peer_access owaServer deny all never_direct allow exch_url redirect_rewrites_host_header off cache_mem 48 MB maximum_object_size_in_memory 256 KB deny_info https://webmail.ourdomain.com/owa/ redirectOWA http_access deny HTTPSOWA redirectOWA http_access allow exch_url http_access deny all miss_access allow exch_url miss_access deny all ignore_expect_100 on access_log /var/log/squid/access.log cache_log /var/log/squid/cache.log cache_store_log /var/log/squid/store.log cache_effective_user squid
