Squid Forums, Here's the log and (I think) relevant ACL's? ----------------------------------------------------------------------------------------------------------- # /var/log/squid/access.log results for internal conflicts 28/Aug/2024:10:57:17 -0400.234 10.46.49.190 TCP_DENIED/407 4132 CONNECT hexcelssp:443 - HIER_NONE/- text/html 28/Aug/2024:10:57:17 -0400.253 10.46.49.190 NONE_NONE/500 0 CONNECT hexcelssp:443 JPIANA@AD.<DOMAIN>.COM HIER_NONE/- - 28/Aug/2024:10:57:17 -0400.380 10.46.49.190 TCP_DENIED/407 4132 CONNECT hexcelssp:443 - HIER_NONE/- text/html 28/Aug/2024:10:57:17 -0400.399 10.46.49.190 NONE_NONE/500 0 CONNECT hexcelssp:443 JPIANA@AD.<DOMAIN>.COM HIER_NONE/- - ----------------------------------------------------------------------------------------------------------- # acl all src all acl src_self src 127.0.0.0/8 acl src_self src 10.46.11.69 acl dst_self dst 127.0.0.0/8 acl dst_self dst 10.46.11.69 acl from_arc src 10.46.0.0/15 acl local_dst_addr dst 10.0.0.0/8 acl local_dst_addr dst 172.0.0.0/8 acl local_dst_addr dst bldg3.<domain>.com acl local_dst_addr dst bldg5.<domain>.com # these keep URLs of popular local servers from being forwarded acl local_dst_dom dstdomain arcgate # allow connects to local destinations without authentication # by domain name from URL http_access allow local_dst_dom http_reply_access allow local_dst_dom # by IP address name resolves to http_access allow local_dst_addr http_reply_access allow local_dst_addr # allow trusted hosts without authentication # these are just ip's on the 10.46.11.x network acl authless_src src "/etc/squid/authless_src" http_access allow authless_src http_reply_access allow authless_src ----------------------------------------------------------------------------------------------------------- -----Original Message----- From: squid-users <squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx> On Behalf Of Matus UHLAR - fantomas Sent: Wednesday, August 28, 2024 10:47 AM To: squid-users@xxxxxxxxxxxxxxxxxxxxx Subject: Re: Unable to access internal resources via hostname Caution: This email originated from outside of Hexcel. Do not click links or open attachments unless you recognize the sender and know the content is safe. On 28.08.24 14:20, Piana, Josh wrote: >Hello Squid Support, This squid user forum FYI > We are unable to get to internal resources via hostname but using the > IP address works fine. Immediately, I thought this was DNS but when I > checked the /etc/resolv.conf/ file it was pointing correctly to our > Windows DNS server and we can ping all devices using their hostname, > just not when browsing to it. This leads me to believe something may > be wrong with our squid config. hard to guess without seeing logs or ACL's. -- Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. It's now safe to throw off your computer. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx https://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx https://lists.squid-cache.org/listinfo/squid-users
