Hi, I have problems with authentication querys over squid.
This is what I have to do. The Clients will connect to www.abc.com, which is pointing to rProxy1 in the DMZ1. rProxy1 will forward all to rProxy2 (Port 80) standing in the DMZ2. rProxy2 will forward to www.def.com:8000 Internet --www.abc.com--> Firewall ---> rProxy1 (Port80) ---> rProxy2(Port 80) ---www.def.com---> SAP (Port8000) My problem is, that a client connection request starts ususal with a pop-up window with an account query. But unlike a direct connection the account information seems not The server asks two more times for the account information and then serves a standard webpage. All I see in the logs is the GET from the client to www.def.com. I see also the conncetion request of the client in the log of the webserver. The webserver is answering with the account query but gets no response of the client. Instead of that the webserver gets another connection request of the client Log rProxy1: 145.x.x.x TCP_MISS/401 471 GET http://www.abc.com - FIRST_UP_PARENT/192.168.212.2 text/html Log rProxy2: 192.168.212.1 TCP_MISS/401 384 GET http://www.def.com:8000 - FIRST_PARENT_UP/194.xxx.xxx.xxx text/html That�s all :-( Anyone out there with a clue/solution? Please it is urgent, the managers are already standing behind my back ;-) Thanks in advance Joerg Here is my configuration: rProxy1: WELCOME TO SQUID 3.0-PRE3-20040126 http_port 80 vhost accel cache_peer 192.168.212.2 parent 8000 0 name=t1.def.com acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl SquidAdmin src 192.168.215.18 acl alienhost dst 80.xxx.xxx.xxx acl http proto http acl http proto https acl alienport port 80 acl alienport port 443 acl shrekhost dst 192.168.160.252 acl shrekhost dst 192.168.212.2 acl shrekdomain dstdomain .def.com acl shrekdomain dstdomain .abc.com acl Shrek src 192.168.212.0/255.255.255.252 http_access allow manager localhost http_access allow manager SquidAdmin http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny to_localhost http_access allow alienhost http alienport http_access allow shrekhost http alienport http_access allow shrekdomain http_access deny all cache_peer_access t1.def.com allow shrekdomain rProxy2: http_port 80 vhost accel cache_peer 194.xxx.xxx.xxx parent 8000 0 name=t2.def.com originserver forceddomain=.def.com proxy-only acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 8000 acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl SquidAdmin src 192.168.215.18 acl sapbwhosts1 dst 194.xxx.xxx.xxx acl sapbwhosts2 dst 194.xxx.xxx.xxx acl sapbwports1 port 8000 acl sapbwports1 port 8001 acl sapbwports2 port 8120 acl sapbwports2 port 8123 acl alien src 192.168.212.0/255.255.255.252 http_access allow manager localhost http_access allow manager SquidAdmin http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow sapbwhosts1 sapbwports1 http_access allow sapbwhosts2 sapbwports2 http_access allow alien http_access deny all acl my dstdomain .abc.com acl my dstdomain .def.com cache_peer_access t2.def.com allow my
