Hi
I use 2 server that connected to each other with IPsec tunnel.
client >>>> Server1 ======ipsec tunnel======Server2>>>>Internat
I configured Nat in Server2 toward internet and I use squid with tproxy and ssl bump configuration to intercept https requests!
without ipsec tunnel my squid server work fine and also when I disable squid in server2 and only use IPsec tunnel everythig is going fine but when I enable squid with IPsec tunnel my client in their browsers get SSL_ERROR_RX_RECORD_TOO_LONG error and squid cache.log show this errors:
"Jul 6 15:44:59 ParsGateVM800 squid[27066] [daemon:info:1e]: 2019/07/06 15:44:59| SECURITY ALERT: on URL: mobile.pipe.aria.microsoft.com:443
Jul 6 15:44:59 ParsGateVM800 squid[27066] [daemon:info:1e]: 2019/07/06 15:44:59| SECURITY ALERT: Host header forgery detected on local=52.114.128.8:443 remote=10.0.0.110:60270 FD 12 flags=17 (local IP does not match any domain IP)"
I checked my DNS configuration in clients and squid server and they are both same and are 8.8.8.8!
what should i do?!
what is wrong with my configurations?
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
