Sure thing.
On Tue, Apr 14, 2020 at 8:32 AM Antony Stone <Antony.Stone@xxxxxxxxxxxxxxxxxxxx> wrote:
On Tuesday 14 April 2020 at 16:03:19, Chris Bidwell - NOAA Federal wrote:
> Okay, so I think I'm starting to get somewhere but the connection isn't
> completing. I can see the connection come through my firewall, but the
> handshake doesn't appear to be happening.
Tell us more about your network setup. Is the firewall between the clients and
Squid, between Squid and the Internet, or do you have both?
There is a firewall between my internal clients and squid. There is a firewall rule allowing tcp/8080 from my clients to the squid server. And from the squid server, it is allowed to the internet.
Can you do a simple Ping test from a client machine to the Squid server (and
get replies)?
Can you do the same from the Squid server to some Internet-based web server
(making sure it's one which replies to pings - some machines are badly
configured and don't do this).
> My squid access log is saying: TCP_MISS/503.
I'm sure it says a lot more than that, but at least it's an indication that
your client is getting the request through to Squid okay.
Here is the full output of my access.log:
1586873819.383 0 192.168.226.241 TAG_NONE/409 4108 CONNECT www.nginx.com:443 - HIER_NONE/- text/html
Assuming the Ping test from Squid to an Internet web server works, what
happens if you try wget, lynx, curl or even telnet to port 80, from the Squid
server to some external web server? Does it indicate that the Squid server
has "Internet access"?
Antony.
So after looking further. It looks like when I'm trying to wget from my squid server, which has the two nics (internal and public), it's trying to send it through the internal
connection. It doesn't seem to want to route through the external nic.
--
Programming is a Dark Art, and it will always be. The programmer is
fighting against the two most destructive forces in the universe:
entropy and human stupidity. They're not things you can always
overcome with a "methodology" or on a schedule.
- Damian Conway, Perl God
Please reply to the list;
please *don't* CC me.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
