Hi Amos, Thanks for the reply. Sorry, what I meant by that was that I was logged into the Squid Windows server using remote desktop so that I could edit the configuration so that is separate from the machine trying to use Squid a a proxy. So it would seem like the issue is with the firewall from what you're saying? Using the most basic Squid config pointing it at the firewall as a parent should be all I need to do for the Windows username to be passed through to the firewall? Thanks, Sam > On 3 May 2017, at 14:43, Amos Jeffries [via Squid Web Proxy Cache] <ml+s1019090n4682277h30@xxxxxxxxxxxxx> wrote: > > On 03/05/17 22:47, BurningSky wrote: > > > Hi, > > > > I have been searching around the web for a while now to try and find a > > solution but having not had much luck I was wondering if someone on here > > could help. > > > > I have set up a Windows 2008 R2 server running the Diladele pre-complied > > Squid 3.5 proxy and am looking to make use of our firewall for URL > > filtering. Our firewall allows/denies access to certain web sites by using > > the AD group memberships of the Windows end user. > > > > I have managed to get a basic config up and running and am using the line > > below to forward the traffic via the proxy setup on our firewall. If I point > > the end user machine directly at the firewall then the filtering works but > > the firewall doesn't have caching, thus wanting to use Squid. > > cache_peer whl-utm1.e2v.com parent 3128 0 no-query default login=PASSTHRU > > > > As I am new to Squid I thought, perhaps naively, that the end user domain > > username would automatically be forwarded on with the requests to the parent > > but in the parents log file I just seem to see the username of the account > > that I have RDPed to the server on, not of the end user machine that the > > request is coming from. > > Not sure exactly what you mean by "RPDd", but you can only authenticate > one user at a time with connection based authentication. > > The login=PASSTHRU is correct for passing whatever the clients sends > through to the parent proxy and vice versa for the parents response auth > headers. Squid must not itself perform any type of authentication with > either client, or the parents cache_peer TCP connections. > > Amos > > _______________________________________________ > squid-users mailing list > [hidden email] > http://lists.squid-cache.org/listinfo/squid-users > > > If you reply to this email, your message will be added to the discussion below: > http://squid-web-proxy-cache.1019090.n4.nabble.com/Passing-Windows-username-to-parent-proxy-tp4682272p4682277.html > To unsubscribe from Passing Windows username to parent proxy, click here. > NAML -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Passing-Windows-username-to-parent-proxy-tp4682272p4682278.html Sent from the Squid - Users mailing list archive at Nabble.com. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
