On 7/02/2015 3:37 a.m., Raymond Norton wrote: > I have the following scenario: > > > > We have a number of Verizon Aps configured to run associated devices > through a GRE > tunnel between Verizon and our network, using a 10.99.0.0/16 subnet which > is NATed to a public address. Policy based routing sends all > port 80 and 443 traffic originating from 10.99.0.0/16 to qlproxy IP > (10.10.1.85) (squid proxy). IPtables on qlproxy box port-forwards all 80 > and 443 traffic to 3126 & 3127. Qlproxy (4.0) has appropriate > transparent and ssl_bump rules to process incoming traffic. > > > > > Squid logs show the request for web pages is made via the policy based > routing (Mikrotik Firewall/Router), but nothing is returned to the > requesting device. It just simply times out after a long wait. > Considered Path-MTU discovery? Make sure that ICMP (and ICMPv6) are enabled and working on all networks the traffic traverses between Squid and the devices. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
