Hi all,
To reduce the bandwidth, we put the Cache Proxy in each regional office. However, the proxy return 503 error when we try to access yum.oracle.com. Attached the error log and the squid.conf file for your reference. Do I need to do any SSL inspection to make it work ?
We already tried to set the company proxy in Cache Proxy setting and also the Windows Server Connection layer. But result the same.
The connection is like below. The cache proxy 3.5 is installed on Windows Server
Oralce Linux with yum.conf set > Cache Proxy > Company Proxy > Redhat/Oracle
We already tried to set the company proxy in Cache Proxy setting and also the Windows Server Connection layer. But result the same.
The connection is like below. The cache proxy 3.5 is installed on Windows Server
Oralce Linux with yum.conf set > Cache Proxy > Company Proxy > Redhat/Oracle
Best Regards,
Johnny Lam
AWS Certified Solutions Architect
Security Consultant
UDS Data Systems Ltd
Mobile: +852 9504 5848 China Mobile: +86 14715379352
# # Recommended minimum configuration: # # Example rule allowing access from your local networks. # Adapt to list your (internal) IP networks from where browsing # should be allowed acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl localnet src fc00::/7 # RFC 4193 local private network range acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines acl localnet src 172.28.47.0/25 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT # # Recommended minimum Access Permission configuration: # acl repo_domain dstdomain yum.oracle.com cdn.redhat.com http_access allow repo_domain http_access deny all #http_access allow all # Only allow cachemgr access from localhost http_access allow localhost manager http_access deny manager # Deny requests to certain unsafe ports http_access deny !Safe_ports # Deny CONNECT to other than secure SSL ports http_access deny CONNECT !SSL_ports # We strongly recommend the following be uncommented to protect innocent # web applications running on the proxy server who think the only # one who can access services on "localhost" is a local user #http_access deny to_localhost # # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # # Example rule allowing access from your local networks. # Adapt localnet in the ACL section to list your (internal) IP networks # from where browsing should be allowed http_access allow localnet http_access allow localhost # And finally deny all other access to this proxy #http_access deny all # Squid normally listens to port 3128 http_port 3128 # Uncomment the line below to enable disk caching - path format is /cygdrive/<full path to cache folder>, i.e. cache_dir aufs /cygdrive/d/squid/var/cache/squid 3000000 16 256 # Leave coredumps in the first cache dir coredump_dir /var/cache/squid # Add any of your own refresh_pattern entries above these. refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 dns_nameservers 172.28.45.63 172.28.45.64 forward_max_tries 25 max_filedescriptors 3200 cache_mem 64 MB cache_swap_high 90 cache_swap_low 30 cache_log d:/squid/var/log/cache.log access_log d:/squid/var/log/access.log cache_store_log d:/squid/var/log/store.log #cache_peer 172.28.121.200 parent 7070 0 no-query default
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
