If that is the edge server then it will be the audio/video Sent from my iPhone
> On 6/12/2016, at 12:35, Amos Jeffries <squ...@treenet.co.nz> wrote: > >> On 6/12/2016 11:46 a.m., Sameh Onaissi wrote: >> >> I have a Ubuntu 16.04 server with Squid 3.5.22 installed. It acts as a >> gateway in a LAN. >> >> It is configured to intercept HTTP and HTTPS traffic (Transparent). So >> iptables redirects were used for ports 80 and 443. >> The server runs two scripts: >> _*nat.sh*_ to bridge the two network cards, allowing LAN computers access to >> the internet through the servers Internet interface card. >> *_iptables.sh_* which defines the ip rules and port forwarding: >> http://pastebin.com/SqpbmYQQ >> >> BEFORE RUNNING iptables.sh... >> >> When I connect a LAN computer to it, everything works as expected. Complete >> Internet access with some HTTP and HTTPS domains blocked/redirected to >> another page. Skype for Business logs in successfully. >> >> AFTER RUNNING iptables.sh >> Skype for Business disconnects, and fails to re-connect, normal skype works >> just fine. >> >> >> I revised: >> https://support.office.com/en-us/article/Create-DNS-records-at-eNomCentral-for-Office-365-a6626053-a9c8-445b-81ee-eeb6672fae77?ui=en-US&rs=en-US&ad=US#bkmk_verify >> And added all DNS configurations on enom. >> >> That got rid of the DNS error I was getting to another error saying service >> is temporarily unavailable. >> >> Any suggestions to why this is happening? Any solutions? > > Skype is sending something that is not HTTPS over port 443. The > on_unsupported_protocol feature in Squid-4 is needed to tunnel Skype traffic > when intercepting port 443. > >> >> *Note:* both router and Ubuntu's WAN interface use Google's 8.8.8.8 DNS >> > > I hope that means the border router is providing DNS recursive lookup with > 8.8.8.8 as the parent, with LAN devices using that border router as their DNS > server. That will minimize the damage Google is causing, but not avoid it > completely. If not you should make it so, or at least place another shared > resolver somewhere to do the necessary DNS caching. > > > *Amos > > * > _______________________________________________ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users > _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
