Re: [discuss] Speed question
Steve here is part of a previous email to the maillist showing the setup we use... Cheers, Bruce. The standard Proxy setup under System Preferences would work with Internet Explorer but little else. The students have to "Log in" repeatedly to the server in the usual way with CURRICULUM/username and password and then log in again for other services. The Standard Go->ConnectToServer in OS X is abysmmal. I use SMBBrowser 0.91 (unstable but it works) to find the various services. On a couple of machines I have installed authoxy for test purposes and the results have been surprsingly brilliant. Within Authoxy the SETTINGS stage has username - password Use this proxy enabled 172.16.1.1 - port 80 (ignore pac files) with Authoxy running on local (to the PowerBook) port 8080. Enable debugging. In the NTLM setup we have Domain curriculum host/workstation 172.16.1.1 - slight duplication perhaps. Start Authoxy. I have told the 2 students to START authoxy each time they start their computers and apart from one incident, Authoxy seems to run fine. The students all have wireless connections. Thus in the System Preferences->Network section and in proxies, we have set FTP proxy directly to 172.16.1.1 port 80 (yes 80) Web Proxy (HTTP) to 127.0.0.1 port 8080 Secure Proxy (HTTPS) also to 127.0.0.1 port 8080 And all that seems to work. Safari and IE work as does Software Update - but the Virex autoupdate does NOT work.
[discuss] Regustration
Dear Heath, We are finally back to Authoxy and it is appropriate to find a site licence.I know we discussed this before ages ago, but how much is a site licence. We have 6 active users at the moment which implies $30 via paypal but I think you mentioned $50 before or something like that!!! Please let me know and the URL to use. Cheers, Bruce.
Re: [discuss] Speed question
Set in the NTLM your windows domain name eg for us its "curriculum2" and in the host, its NOT you/your workstation but the IP address of your proxy server 10.2.0.1 or whatever, Well thats what we do... Try that. Cheers, Bruce. >--> NTLM Authentication is on, set to my domain (mbbc) and my computer name >(sstratpbook)--I'm checking with our system admin to be sure that's correct > >Note: In Authoxy control panel, the number of daemons running increases with >each web access, but doesn't seem to decrease back to 1 after the web page >finishes loading. Don't know if that's normal. > >Any ideas? Thanks for your help--this tool has great potential for me to >provide a higher level of compatibility with our MS network, so I'm not >willing to give up yet! > >--Steve
Re: [discuss] Speed question
Ah ha... found it...
Re: [discuss] Speed question
I shall get a log from our system today to compare BUT it seems as though your NTLM transaction is VERY slow. It should be virtually(!!) immediate. - Found the log from yesterday on another machine.. Note the times for NTLM - forget the first 2 log lines, I was switching from airport to ethernet networks links. i.e. fiddling. Should be in RED We get to step 4 in less than a second. So you will have to examine why you NTLM authenication is not working properly. Did you use the domain name of the server for authentication or its IP address? Cheers, Bruce. Sep 6 13:14:51 : Authoxy has started successfully Sep 6 13:14:58 : Authoxy has started successfully Sep 6 13:15:17 : Ready to NTLM! Sep 6 13:15:17 : Entering Step 1 Sep 6 13:15:17 : Found Connection: close. Hiding for NTLM Authentication Sep 6 13:15:17 : Waiting for Step 2 Sep 6 13:15:17 : Entering Step 2 Sep 6 13:15:17 : Step 2 is complete Sep 6 13:15:17 : Entering Step 3 Sep 6 13:15:17 : Created Type 1 string of 72 characters Sep 6 13:15:17 : Pausing in Step 3 Sep 6 13:15:17 : Entering Step 4 Sep 6 13:15:17 : Content-Length: 0 Sep 6 13:15:17 : NTLM: Target length is 13 Sep 6 13:15:17 : NTLM: Target length 2 is 13 Sep 6 13:15:17 : NTLM: Target offset is 56 Sep 6 13:15:17 : NTLM Flag: Negotiate OEM Sep 6 13:15:17 : NTLM Flag: Request Target Sep 6 13:15:17 : NTLM Flag: Negotiate NTLM Sep 6 13:15:17 : NTLM Flag: Target Type Domain Sep 6 13:15:17 : NTLM Flag: Negotiate Target Info Sep 6 13:15:17 : NTLM Flag: UNKNOWN5 Sep 6 13:15:17 : NTLM: Target is: TOORAKCOLLEGE Sep 6 13:15:17 : NTLM: Target length is 180 Sep 6 13:15:17 : NTLM: Target length 2 is 180 Sep 6 13:15:17 : NTLM: Target offset is 69 Sep 6 13:15:17 : NTLM: TargetInfo is: ^B^^Z^T^O^O^R^A^K^C^O^L^L^E^G^E^^A^^R^P^R^O^X^Y^2^0^0^4^^D^0^t^o^o^r^a^k ^c^o^l^l^e^g^e^.^v^i^c^.^e^d^u^.^a^u^^C^D^P^R^O^X^Y^2^0^0^4^.^t^o^o^r^a^ k^c^o^l^l^e^g^e^.^v^i^c^.^e^d^u^.^a^u^ Sep 6 13:15:17 : The nonce is: --6CöTð. Sep 6 13:15:17 : Finished Step 4 Sep 6 13:15:17 : Entering Step 5 Sep 6 13:15:17 : Got Type 3 msg of 184 characters. Sep 6 13:15:17 : Finished NTLM! Sep 6 13:15:17 : Server closed connection, killing session processes. >I turned on system logging. Here's part of a session log. Two things were >going on: Entourage was accessing the exchange server, and there was a web >page request using Mozilla. Both requests completed eventually, though this >is not the complete session. > >--Steve > >Sep 6 09:26:29 : Authoxy has started successfully >Sep 6 09:27:27 : Ready to NTLM! >Sep 6 09:27:27 : Entering Step 1 >Sep 6 09:27:27 : Content Length of request: 0 >Sep 6 09:27:27 : Waiting for Step 2 >Sep 6 09:27:27 : Entering Step 2 >Sep 6 09:28:41 : Ready to NTLM! >Sep 6 09:28:41 : Entering Step 1 >Sep 6 09:28:41 : Content Length of request: 0 >Sep 6 09:28:41 : Waiting for Step 2 >Sep 6 09:28:41 : Entering Step 2 >Sep 6 09:28:41 : Ready to NTLM! >Sep 6 09:28:41 : Entering Step 1 >Sep 6 09:28:41 : Waiting for Step 2 >Sep 6 09:28:41 : Entering Step 2 >Sep 6 09:28:41 : Ready to NTLM! >Sep 6 09:28:41 : Entering Step 1 >Sep 6 09:28:41 : Waiting for Step 2 >Sep 6 09:28:41 : Entering Step 2 >Sep 6 09:28:48 : Ready to NTLM! >Sep 6 09:28:48 : Entering Step 1 >Sep 6 09:28:48 : Waiting for Step 2 >Sep 6 09:28:48 : Entering Step 2 >Sep 6 09:29:27 : Step 2 is complete >Sep 6 09:29:27 : Entering Step 3 >Sep 6 09:29:27 : Created Type 1 string of 64 characters >Sep 6 09:29:27 : Pausing in Step 3 >Sep 6 09:29:27 : Entering Step 4 Sep 6 09:29:27 : The nonce is: (I_^T^Gß[½. >Sep 6 09:29:27 : Finished Step 4 >Sep 6 09:29:27 : Entering Step 5 >Sep 6 09:29:27 : Got Type 3 msg of 176 characters >Sep 6 09:30:48 : Finished Step 4
Re: [discuss] Speed question
I turned on system logging. Here's part of a session log. Two things were going on: Entourage was accessing the exchange server, and there was a web page request using Mozilla. Both requests completed eventually, though this is not the complete session. --Steve Sep 6 09:26:29 : Authoxy has started successfully Sep 6 09:27:27 : Ready to NTLM! Sep 6 09:27:27 : Entering Step 1 Sep 6 09:27:27 : Content Length of request: 0 Sep 6 09:27:27 : Waiting for Step 2 Sep 6 09:27:27 : Entering Step 2 Sep 6 09:28:41 : Ready to NTLM! Sep 6 09:28:41 : Entering Step 1 Sep 6 09:28:41 : Content Length of request: 0 Sep 6 09:28:41 : Waiting for Step 2 Sep 6 09:28:41 : Entering Step 2 Sep 6 09:28:41 : Ready to NTLM! Sep 6 09:28:41 : Entering Step 1 Sep 6 09:28:41 : Waiting for Step 2 Sep 6 09:28:41 : Entering Step 2 Sep 6 09:28:41 : Ready to NTLM! Sep 6 09:28:41 : Entering Step 1 Sep 6 09:28:41 : Waiting for Step 2 Sep 6 09:28:41 : Entering Step 2 Sep 6 09:28:48 : Ready to NTLM! Sep 6 09:28:48 : Entering Step 1 Sep 6 09:28:48 : Waiting for Step 2 Sep 6 09:28:48 : Entering Step 2 Sep 6 09:29:27 : Step 2 is complete Sep 6 09:29:27 : Entering Step 3 Sep 6 09:29:27 : Created Type 1 string of 64 characters Sep 6 09:29:27 : Pausing in Step 3 Sep 6 09:29:27 : Entering Step 4 Sep 6 09:29:27 : Content-Length: 0 Sep 6 09:29:27 : NTLM: Target length is 4 Sep 6 09:29:27 : NTLM: Target length 2 is 4 Sep 6 09:29:27 : NTLM: Target offset is 56 Sep 6 09:29:27 : NTLM Flag: Negotiate OEM Sep 6 09:29:27 : NTLM Flag: Request Target Sep 6 09:29:27 : NTLM Flag: Negotiate NTLM Sep 6 09:29:27 : NTLM Flag: Target Type Domain Sep 6 09:29:27 : NTLM Flag: Negotiate Target Info Sep 6 09:29:27 : NTLM Flag: UNKNOWN5 Sep 6 09:29:27 : NTLM: Target is: MBBC Sep 6 09:29:27 : NTLM: Target length is 98 Sep 6 09:29:27 : NTLM: Target length 2 is 98 Sep 6 09:29:27 : NTLM: Target offset is 60 Sep 6 09:29:27 : NTLM: TargetInfo is: ^B^^H^M^B^B^C^^A^^H^I^N^E^T^^D^^P^m^b^b^c^.^e^d^u^^C^^Z^i^n^e^t^.^m^b^b^c^.^ e^d^u^^E^^P^m^b^b^c^.^e^d^u^ Sep 6 09:29:27 : The nonce is: (I_^T^GÃ[Å. Sep 6 09:29:27 : Finished Step 4 Sep 6 09:29:27 : Entering Step 5 Sep 6 09:29:27 : Got Type 3 msg of 176 characters. Sep 6 09:29:27 : Finished NTLM! Sep 6 09:29:27 : SEARCH http://mail.mbbc.edu/exchange/sstratford/ HTTP/1.1 Sep 6 09:30:41 : Step 2 is complete Sep 6 09:30:41 : Entering Step 3 Sep 6 09:30:41 : Created Type 1 string of 64 characters Sep 6 09:30:41 : Pausing in Step 3 Sep 6 09:30:41 : Entering Step 4 Sep 6 09:30:41 : Content-Length: 0 Sep 6 09:30:41 : NTLM: Target length is 4 Sep 6 09:30:41 : NTLM: Target length 2 is 4 Sep 6 09:30:41 : NTLM: Target offset is 56 Sep 6 09:30:41 : NTLM Flag: Negotiate OEM Sep 6 09:30:41 : NTLM Flag: Request Target Sep 6 09:30:41 : NTLM Flag: Negotiate NTLM Sep 6 09:30:41 : NTLM Flag: Target Type Domain Sep 6 09:30:41 : NTLM Flag: Negotiate Target Info Sep 6 09:30:41 : NTLM Flag: UNKNOWN5 Sep 6 09:30:41 : NTLM: Target is: MBBC Sep 6 09:30:41 : NTLM: Target length is 98 Sep 6 09:30:41 : NTLM: Target length 2 is 98 Sep 6 09:30:41 : NTLM: Target offset is 60 Sep 6 09:30:41 : NTLM: TargetInfo is: ^B^^H^M^B^B^C^^A^^H^I^N^E^T^^D^^P^m^b^b^c^.^e^d^u^^C^^Z^i^n^e^t^.^m^b^b^c^.^ e^d^u^^E^^P^m^b^b^c^.^e^d^u^ Sep 6 09:30:41 : The nonce is: ~c1ÅâË^\S. Sep 6 09:30:41 : Finished Step 4 Sep 6 09:30:41 : Entering Step 5 Sep 6 09:30:41 : Got Type 3 msg of 176 characters. Sep 6 09:30:41 : Finished NTLM! Sep 6 09:30:41 : Step 2 is complete Sep 6 09:30:41 : Step 2 is complete Sep 6 09:30:41 : Entering Step 3 Sep 6 09:30:41 : Created Type 1 string of 64 characters Sep 6 09:30:41 : Entering Step 3 Sep 6 09:30:41 : Created Type 1 string of 64 characters Sep 6 09:30:41 : Pausing in Step 3 Sep 6 09:30:41 : Pausing in Step 3 Sep 6 09:30:41 : Entering Step 4 Sep 6 09:30:41 : Entering Step 4 Sep 6 09:30:41 : Content-Length: 0 Sep 6 09:30:41 : NTLM: Target length is 4 Sep 6 09:30:41 : NTLM: Target length 2 is 4 Sep 6 09:30:41 : NTLM: Target offset is 56 Sep 6 09:30:41 : NTLM Flag: Negotiate OEM Sep 6 09:30:41 : NTLM Flag: Request Target Sep 6 09:30:41 : NTLM Flag: Negotiate NTLM Sep 6 09:30:41 : NTLM Flag: Target Type Domain Sep 6 09:30:41 : NTLM Flag: Negotiate Target Info Sep 6 09:30:41 : NTLM Flag: UNKNOWN5 Sep 6 09:30:41 : NTLM: Target is: MBBC Sep 6 09:30:41 : NTLM: Target length is 98 Sep 6 09:30:41 : NTLM: Target length 2 is 98 Sep 6 09:30:41 : NTLM: Target offset is 60 Sep 6 09:30:41 : NTLM: TargetInfo is: ^B^^H^M^B^B^C^^A^^H^I^N^E^T^^D^^P^m^b^b^c^.^e^d^u^^C^^Z^i^n^e^t^.^m^b^b^c^.^ e^d^u^^E^^P^m^b^b^c^.^e^d^u^ Sep 6 09:30:41 : The nonce is: -ÃBÃ[ÂÃâ. Sep 6 09:30:41 : Finished Step 4 Sep 6 09:30:41 : Content-Length: 0 Sep 6 09:30:41 : NTLM: Target length is 4 Sep 6 09:30:41 : NTLM: Target length 2 is 4 Sep 6 09:30:41 : NTLM: Target offset is 56 Sep 6 09:30:41 : NTLM Flag: Negotiate OEM Sep 6 09:30:41 : NTLM Flag: Request Target Sep 6 09:30:41 : NTLM Flag: Ne
Re: [discuss] Speed question
Switched Authoxy to use port 8081 (1 daemon 127.0.0.1 on 8081) Switched my proxy settings to 8081 Left my bypass addresses the same (10.2.0.* and *.mbbc.edu) Still painfully slow (4-5 minutes to load www.mozilla.org) I pulled the bypass settings out of the network control panel and out of Mozilla Everything still worked slow, couldn't access our local intranet Added Intranet address to bypass settings, now Intranet came right up quickly Removed the hard-coded DNS server (10.2.0.1) from the Network Prefs Everything still worked but still very slow So overview of current status: --> Authoxy on port 8081, pointing to our 10.2.0.2 proxy on port 8080 --> All network proxies pointing to 127.0.0.1 port 8081 --> *.mbbc.edu proxy bypassed (all web addresses *.mbbc.edu come right up quickly, so this is correct) --> Either no DNS server set, or set to assigned DNS server 10.2.0.1, no difference --> NTLM Authentication is on, set to my domain (mbbc) and my computer name (sstratpbook)--I'm checking with our system admin to be sure that's correct Note: In Authoxy control panel, the number of daemons running increases with each web access, but doesn't seem to decrease back to 1 after the web page finishes loading. Don't know if that's normal. Any ideas? Thanks for your help--this tool has great potential for me to provide a higher level of compatibility with our MS network, so I'm not willing to give up yet! --Steve On 9/3/04 9:08 PM, "bruce" <[EMAIL PROTECTED]> wrote: > Hmmm... > Let me try to assess your network... > > Everything looks in order except for the bypass. If you bypass > all 10.2.0.x addresses then surely you wouldn't need Authoxy. What > do you mean you bypass all proxy settings? Do you simply > pass ALL packets through the firewall? > If so then you are not using a proxy server per se. > > If this is the case, what happens to packets from say 10.2.2.44:80 going to > 10.2.0.2:80, your proxy server? Do they get processesed in any way - accounts, > NAT translated at this stage, virus,filtered, or restricted? > > Do you have to send everything to 10.2.0.2:8080? Do they get processed in > any way apart from NAT? > > You said that you have set every proxy in the control panel, > you didn't set the automatic proxy configuration as well did you? > > > As a matter of interest, there may be a clash between ports. > I did notice something like this ages ago and didn't follow it up. > Pressure of other work I'm afraid. > Try setting the internal/authoxy proxy port for HTTP to something different > say 8081 rather than 8080. Then reset the browser so go through 8081 > as well. This isolates the port-to-port interaction. I remember trying > 8080:8080 myself and failing but thats not to say it doesn't work. At the > time I suspect I had other things not happening. > > Yes Windows domain name - sad though that may be. > > Bruce. > > >> Hi Bruce-- >> >> I'll have to verify on Monday when I'm back in the office, but it seemed >>> 10x slower. Just www.google.com took 30 seconds to finally load the >> graphics. Usually instantaneous. >> >> I have a fixed IP of 10.2.2.44 on our network. Our DNS server is 10.2.0.1. >> Every proxy in the Network control panel is set to 127.0.0.1:8080. We bypass >> all proxy settings for 10.2.0.* on our network. >> >> In Authoxy, our proxy is 10.2.0.2:8080. It says Authoxy will run on port >> 8080. I believe my local web server is disabled. When I enable Authoxy, it >> says "one daemon running on 127.0.0.1 port 8080," no errors in the message >> window. I have NTLM authentication enabled, and I believe I have the correct >> domain entered (wouldn't I get NO connection if the domain name were >> incorrect? But I do get a connection). [This is a Windows domain, not a >> domain name, right?] And I looked up the name of my powerbook for NTLM using >> my Windows machine (sstratpbook). >> >> Anything smell fishy? Thanks for any help you can give. >> >> --Steve >> >> >> >> On 9/3/04 7:48 PM, "bruce" <[EMAIL PROTECTED]> wrote: >> >>> Suspect that you have miss configured the paths to authoxy. >>> Can you test the speed of the direct link to your MS proxy server using say >>> Internet Explorer and then do the same via authoxy using say Safari. >>> We run Authoxy on a number of machines from a G3-500 powerBook (mine!!) >>> to G4 powerBooks of the students(!!) without any speed impact. Also >>> on an iBook-500 - goes well. >>> >>> Have you included HTTP and HTTPS but a direct link for FTP? >>> >>> Have you got a clash of port 80 or 8080 on the powerBooks, for example >>> have you enabled the local server on the powerBook. 127.0.0.1:80 >>> is localhost. >>> >>> Have you enabled NTLM authentication with the correct domain name. >>> Separate the proxy port (suggest 8080) from the MSProxy server port 80) >>> >>> We too are running 100Mb links and authoxy works well... won't comment >>> about the rest of the (Windows managed) network. >>> >>> Let us know, >>> Cheers from downUnde