Re: Need proxy hole help

From: Dancer <[email protected]>
Date: Sat, 17 Jul 1999 11:25:46 +1000

Stephen Anderson wrote:
>
> I'm in a bad way and was hoping one of the Squid guru's could bail me out.
> We have been using Squid at our plant site for quite a while. We have
> been using it to filter porn requests out of our WAN traffice. When we
> started people would just not use the proxy, so we had our WAN provider
> disable port 80 traffic on our WAN router except for requests coming from
> the proxy (which were filtered).
>
> No an unexpected consequence has popped up. A user at our plant location
> is trying to access an IIS secured website on another one of our plant
> site's webservers. The problem is the user c annot get authenticated by
> the other plant's webserver. I think what the cause is that stinkin IIS
> is using some kind of NT-centric authentication routine and the proxy is
> not passing the information through to the client. One possibility that I
> am thinking of is they are authenticating on something like IP address.
> They are seeing the IP of our proxy and not the client.
>
> Is there any way with ACLs that I can configure Squid to act as a passive
> pas-thru for requests to these WAN requests? Something like how it passes
> throughSSL stuff? Thanks!

Won't help. The authentication will not work if proxied. The scheme is
bogus, alas.

D
Received on Fri Jul 16 1999 - 19:03:53 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:47:26 MST