Hi Clem, Currently it seems that a fully working reverse Proxy Open Source solution for Exchange 2007 and 2010 is not available. Squid is really near to be fully functional, but there are still some problems. Look my comments in this bug: http://bugs.squid-cache.org/show_bug.cgi?id=3141 Currently I'm running a patched Squid 3.1.19 with http 1.1 support enabled in front of a Exchange 2010 Server. RPC over HTTPS seems to work fine, while EWS from Apple and BlackBerry clients is still problematic. I have tried also to use 3.2, but things seems to be worse: RPC doesn't work at all. Regards Guido Serassio Acme Consulting S.r.l. Microsoft Silver Certified Partner VMware Professional Partner Via Lucia Savarino, 1 10098 - Rivoli (TO) - ITALY Tel. : +39.011.9530135 Fax. : +39.011.9781115 Email: guido.serassio@xxxxxxxxxxxxxxxxx WWW: http://www.acmeconsulting.it > -----Messaggio originale----- > Da: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] > Inviato: venerdì 16 marzo 2012 11.54 > A: squid-users@xxxxxxxxxxxxxxx > Oggetto: Re: TR: https analyze, squid rpc proxy to rpc proxy > ii6 exchange2007 with ntlm > > On 14/03/2012 11:32 p.m., Clem wrote: > > Hello, > > > > Ok so I know exactly why squid can't forward ntlm credentials and stop > at > > type1. It's facing the double hop issue, ntlm credentials can be sent > only > > on one hop, and is lost with 2 hops like : client -> squid (hop1) -> > IIS6 > > rpx proxy (hop2) -> exchange 2007 > > > > That's why when I connect directly to my iis6 rpc proxy that works and > when > > I connect through squid that request login/pass again and again. And we > can > > clearly see that on https analyzes. > > > > ISA server has a workaround about this double hop issue as I have wrote > in > > my last mail, I don't know if squid can act like this. > > > > I'm searching atm how to set iis6 perhaps to resolve this problem, but I > > don't want to "break" my exchange so I've to do my tests very carefully > > Cheers. I've added a mention of this to the NTLM issiues wiki page now > for others to find along with the archive of these messages. > > Amos