Back to send my feed back after testing proxy rpc via ntlm and squid 3.1.19, the main problem is I can't force sauid to use http1.1, in https analyzer I can see squid is http1.0. How can I force squid 3.1.19 to use http1.1 ? -----Message d'origine----- De : Clem [mailto:clemfree@xxxxxxx] Envoyé : mercredi 7 mars 2012 13:05 À : squid-users@xxxxxxxxxxxxxxx Objet : RE: https analyze, squid rpc proxy to rpc proxy ii6 exchange2007 with ntlm I use only the last 3.2 releases, but I can try with 3.1.19... -----Message d'origine----- De : Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] Envoyé : mercredi 7 mars 2012 12:08 À : squid-users@xxxxxxxxxxxxxxx Objet : Re: https analyze, squid rpc proxy to rpc proxy ii6 exchange2007 with ntlm On 7/03/2012 11:27 p.m., Clem wrote: > Thx for your reply Amos, > > So the issue is squid doesn't pass through the type-1 message ... > > I've check the http version, check this on IIS6 logs, it's 1v1 and same with > squid. > For keepalive, I've used the only squid parameters I know (u gave me them > later) as : > client_persistent_connections > and > server_persistent_connections > > I think the link SQUID -> IIS6 RPC PROXY is represented by the cache_peer > line on my squid.conf, and I don't know if client_persistent_connections and > server_persistent_connections parameters affect cache_peer too ? > > Dunno what to do now ... My interpretation of your report so far is that the client is not even sending type-1 message when using Squid. Instead it appears that they are trying to use Kerberos, with NTLM label. Or possibly that you overlooked some earlier connection(s) with the other LM message types. If this is not 3.1.19 you can give it a try with that Squid version. Amos
