[squid-users] HTTPS through Parent cache

From: rakesh <[email protected]>
Date: Sun, 21 Jan 2007 16:02:25 +0300

Hi,
I have following scenario -

Client ->squid -->Proxy ->Stateful Inspection --> Squid Parent-------->ISP2
                           Firewall Firewall | (two NIC
config)
                                                                   |
                                                                   |-->ISP1

From Squid I am contacting parent squid at tcp port 3128 and it allowed
through both firewalls. This arrangements works perfectly for http traffic
but I cannot login to hotmail or can not go to site with https.
The idea behind this is that I want to use second ISP without complicating
my configuration. The HTTP traffic goes perfectly through ISP2 but have
problem with HTTPS. When I change never_direct to always_direct https works
but then it not using ISP2. Any help?

For using ISP1 I have other squid box which have deafult route to Proxy
firewall. My squid.conf on the client side squid proxy is as following -

acl bb-itsup src 10.10.56.0/255.255.255.0
acl CONNECT method CONNECT
acl all src 0.0.0.0/0.0.0.0
never_direct allow bb-itsup
never_direct allow CONNECT
http_access allow localhost
http_access allow bb-itsup
#always_direct allow bb-itsup
http_access deny all

Thanks & regards,

Rakesh

######################################################################
Attention:
This e-mail message is privileged and confidential. If you are not the
intended recipient please delete the message and notify the sender.
Any views or opinions presented are solely those of the author.

This email was scanned and cleared by MailMarshal.
######################################################################
Received on Sun Jan 21 2007 - 06:02:34 MST

This archive was generated by hypermail pre-2.1.9 : Thu Feb 01 2007 - 12:00:01 MST