[squid-users] Need help to configure MS Exchange RPC over HTTP

From: Ruiyuan Jiang <RJiang_at_fnpc.com>
Date: Wed, 23 May 2012 16:38:34 -0400

Hi, when I tried to test accessing MS exchange server, the outlook just kept prompt for the user name and password without luck. Here is the message from squid's access.log from the test:

1337803935.354 6 207.46.14.62 TCP_MISS/200 294 RPC_IN_DATA https://webmail.juicycouture.com/Rpc/RpcProxy.dll - PINNED/exchangeServer application/rpc
1337803937.876 6 207.46.14.62 TCP_MISS/401 666 RPC_IN_DATA https://webmail.juicycouture.com/rpc/rpcproxy.dll? - FIRST_UP_PARENT/exchangeServer text/html
1337803937.965 11 207.46.14.62 TCP_MISS/401 389 RPC_IN_DATA https://webmail.juicycouture.com/rpc/rpcproxy.dll? - FIRST_UP_PARENT/exchangeServer text/html
1337803938.144 6 207.46.14.62 TCP_MISS/401 666 RPC_OUT_DATA https://webmail.juicycouture.com/rpc/rpcproxy.dll? - FIRST_UP_PARENT/exchangeServer text/html
1337803938.229 6 207.46.14.62 TCP_MISS/401 389 RPC_OUT_DATA https://webmail.juicycouture.com/rpc/rpcproxy.dll? - FIRST_UP_PARENT/exchangeServer text/html

Here is my squid.conf for the test:

https_port 156.146.2.196:443 accel cert=/opt/squid-3.1.19/ssl.crt/webmail_juicycouture_com.crt key=/opt/squid-3.1.19/ssl.crt/webmail_juicycouture_com.key cafile=/opt/apache2.2.21/conf/ssl.crt/DigiCertCA.crt defaultsite=webmail.juicycouture.com

cache_peer internal_ex_serv parent 443 0 no-query originserver login=PASS ssl sslflags=DONT_VERIFY_PEER,DONT_VERIFY_DOMAIN name=exchangeServer

acl EXCH dstdomain .juicycouture.com

cache_peer_access exchangeServer allow EXCH
cache_peer_access exchangeServer deny all
never_direct allow EXCH

http_access allow EXCH
http_access deny all
miss_access allow EXCH
miss_access deny all

Where did I do wrong? I also tried a different squid.conf (basically remove all the ACLs) but got the same message in access.log:

https_port 156.146.2.196:443 accel cert=/opt/squid-3.1.19/ssl.crt/webmail_juicycouture_com.crt key=/opt/squid-3.1.19/ssl.crt/webmail_juicycouture_com.key cafile=/opt/apache2.2.21/conf/ssl.crt/DigiCertCA.crt defaultsite=webmail.juicycouture.com

cache_peer internal_ex_serv parent 443 0 no-query originserver login=PASS ssl sslflags=DONT_VERIFY_PEER,DONT_VERIFY_DOMAIN name=exchangeServer

cache_peer_access exchangeServer allow all

http_access allow all
miss_access allow all

Thanks.

Ryan Jiang

This message (including any attachments) is intended
solely for the specific individual(s) or entity(ies) named
above, and may contain legally privileged and
confidential information. If you are not the intended
recipient, please notify the sender immediately by
replying to this message and then delete it.
Any disclosure, copying, or distribution of this message,
or the taking of any action based on it, by other than the
intended recipient, is strictly prohibited.
Received on Wed May 23 2012 - 20:38:45 MDT

This archive was generated by hypermail 2.2.0 : Fri May 25 2012 - 12:00:04 MDT