I just re-enabled the WCCP redirection on the router so I could take the network capture and it worked. I can only assume a stale DNS record / Firewall session problem was to blame.
Many thanks for the link Val. It confirmed what my original hypothesis was :) Regards David Stout Traffic Shapers EMail : [EMAIL PROTECTED] Mobile: +44 (0) 7919 442023 WWW : http://www.trafficshapers.co.uk -----Original Message----- From: Valton Hashani [mailto:[EMAIL PROTECTED] Sent: 22 March 2004 10:33 To: David Stout Subject: Re: [squid-users] Squid + WCCP + HTTPS Authentication Dilemma http://geocities.com/tukapr/slbtranscache.html Valton Hashani ----- Original Message ----- From: "David Stout" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, March 22, 2004 10:46 AM Subject: [squid-users] Squid + WCCP + HTTPS Authentication Dilemma > Now before I get flamed, I am on a tight timeline and am also reading > through the archives to try to find a solution, but I would appreciate > any help I can get on this matter. > > We have a caching product that uses a Squid cache as it's main proxy > (Stratacache) and on the recommendation of the manufacturer we have > installed a Cisco Router to process the WWW traffic and redirect it to > the cache using WCCP. > > This solution worked excellenty and performed really well. > > The problem came from the fact we could no longer connect to any > websites requiring a HTTPS connection. No yahoo mail no hotmail would > work. So originally I noticed that our firewall was sending HTTP > traffic to the internet using it's management public IP address, and > all HTTPS traffic was going via the NAT rules in the firewall. This > would mean the web server would seen HTTP and HTTPS from different > public IP's and close the connection. I have since corrected this > minor issue so that the authenticating web servers will see the HTTP > and HTTPS traffic from the same public IP address. > > I am unable to find out from the Cisco web site if the router is > forwarding the HTTPS to the cache (I am installing a sniffer today so > I'll get back to you on that). > > Now it stikes me as odd that this would happen on every WCCP + Squid > install but there seems no immediate solution (I am trawling the > archives as well though in case I missed it (although search didn't > throw up too much)). > > Any help or advice would be appreciated. > > David Stout > Traffic Shapers > EMail : [EMAIL PROTECTED] > WWW : http://www.trafficshapers.co.uk > > >
