I am relatively new with all of this but I am going to try and take a wild guess.
The Symantec proxy is not making a PROXY request to the squid box, instead it is making a regular HTTP request. Squid may need to be configured in transparent mode, this is the mode where squid takes a regular request from a browser as if it was connecting to a web server and not to a proxy server.
Beside the documentation on the squid web page, here is another good link: http://www.linuxjunkies.org/adminstration%20Howto/webminguide/x5222.htm
From: "Greg Shepherd" <[EMAIL PROTECTED]> Reply-To: <[EMAIL PROTECTED]> To: <[email protected]> Subject: RE: [squid-users] Squid and Symantec Web Security Date: Thu, 23 Dec 2004 23:05:32 -0500
Sorry Lucio. I mis-sent it directly to you instead of to the list.
It appears that I can telnet to port 3128. I telnet to the port from the SWS
server, but it is just blank with no prompts or anything. After typing in
quit, exit, etc. I see the following text:
HTTP/1.0 400 Bad Request Server: squid/2.5.STABLE5 Mime-Version: 1.0 Date: Fri, 24 Dec 2004 03:54:48 GMT Content-Type: text/html Content-Length: 1203 Expires: Fri, 24 Dec 2004 03:54:48 GMT X-Squid-Error: ERR_INVALID_REQ 0 X-Cache: MISS from igateway.kings X-Cache-Lookup: NONE from igateway.kings:3128 Proxy-Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http:// g/TR/html4/loose.dtd"> <HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTE html; charset=iso-8859-1"> <TITLE>ERROR: The requested URL could not be </TITLE> <STYLE type="text/css"><!--BODY{background-color:#ffffff;font-f dana,sans-serif}PRE{font-family:sans-serif}--></STYLE> </HEAD><BODY> <H1> > <H2>The requested URL could not be retrieved</H2> <HR noshade size="1px
e trying to process the request: <PRE> / /quiot /exit exit quit
</PRE> <P> The following error was encountered: <UL> <LI> <STRONG> Invalid Re
RONG> </UL>
<P> Some aspect of the HTTP Request is invalid. Possible prob
<LI>Missing or unknown request method <LI>Missing URL <LI>Missing HTTP Id (HTTP/1.0) <LI>Request is too large <LI>Content-Length missing for POST o uests <LI>Illegal character in hostname; underscores are not allowed </UL
cache administrator is <A HREF="mailto:webmaster";>webmaster</A>.
<BR cl > <HR noshade size="1px"> <ADDRESS> Generated Fri, 24 Dec 2004 03:54:48 GM eway.kings (squid/2.5.STABLE5) </ADDRESS> </BODY></HTML>
Connection to host lost.
Is that expected?
I tested with a regular system by pointing my browser to 3128 and it worked fine.
My next step was pointing SWS to 3128 by configuring within SWS 3.0 for NT/2000 to point to a proxy server (10.0.0.102:3128 on the internal NIC).
SWS does work (it has been working fine for over a year) directly to the Internet and through a firewall with NAT as well. No problems with that part.
Just pointing SWS to go to the squid on the SuSe box is where I am having problems.
I haven't contacted Symantec yet.
Any suggestions?
Greg
-----Original Message----- From: Lucio Jankok [mailto:[EMAIL PROTECTED] Sent: Thursday, December 23, 2004 9:23 PM To: [EMAIL PROTECTED] Subject: Re: [squid-users] Squid and Symantec Web Security
Yes we did. Can you do a telnet squid-ip-address 3128 on the SWS ?
On 12/24/04 1:42 AM, "Greg Shepherd" <[EMAIL PROTECTED]> wrote:
> Hello all,
>
> I attempted the following configuration:
>
> Clients --> Symantec Web Security --> Squid 2.5STABLE5.
>
> The SWS server has the capability to forward requests to an upstream proxy
> server (Squid in this case).
>
> It only fails with a timeout error message from SWS.
>
> I didn't see any issues with this on the Symantec Support site nor in
> googling except for a single old reference in 2001.
>
> Has anyone successfully configured what I am attempting to do?
>
> Please help.
>
> Thanks,
>
> Greg
>
_________________________________________________________________
Don�t just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/
