[squid-users] https/SSL forwarding to parent squid cache

From: Rakesh Jha <rakesh@dont-contact.us>
Date: Tue, 23 Jan 2007 09:09:07 +0300

Hi,
I have following scenario -

Client-->squid--->Proxy--->Stateful Inspection--> Squid
Parent-------->ISP2
                 Firewall Firewall | (two NIC config)
                                               |
                                               |-->ISP1

From Squid I am contacting parent squid at tcp port 3128 and it is
allowed through both firewalls. This arrangements works perfectly for
http traffic but I cannot login to hotmail or can not go to site with
https.
The idea behind this is that I want to use second ISP without
complicating my configuration. The HTTP traffic goes perfectly through
ISP2 but have problem with HTTPS. When I change never_direct to
always_direct https works but then it not using ISP2. Any help?

For using ISP1 I have other squid box which has default route to Proxy
firewall. My squid.conf on the client side squid proxy is as following -

acl bb-itsup src 10.10.56.0/255.255.255.0
acl CONNECT method CONNECT
acl all src 0.0.0.0/0.0.0.0
never_direct allow bb-itsup
never_direct allow CONNECT
http_access allow localhost
http_access allow bb-itsup
#always_direct allow bb-itsup
http_access deny all

Thanks & regards,

Rakesh
######################################################################
Attention:
This e-mail message is privileged and confidential. If you are not the
intended recipient please delete the message and notify the sender.
Any views or opinions presented are solely those of the author.

This email was scanned and cleared by MailMarshal.
######################################################################
Received on Mon Jan 22 2007 - 23:05:50 MST

This archive was generated by hypermail pre-2.1.9 : Thu Feb 01 2007 - 12:00:01 MST