Thank you Henrik, Yes I agree as I stated in a reply to Amos this is not an ideal or a good design but I need to make it work.
I do have SQUID configured as forward proxy but I think I need to setup some routing policy (iptables) to make everything go directly through our servers as they are acting like a proxy but not a caching proxy and can not handle CONNECT method. Any ideas would be greatly appreciated and I have looked and tried the Config example in the FAQ & WIki on squid-cache.org. best regards, Guin ----- Original Message ---- From: Henrik Nordström <[email protected]> To: Quin Guin <[email protected]> Cc: [email protected] Sent: Sat, May 15, 2010 3:17:57 AM Subject: Re: [squid-users] http CONNECT method with fwd proxy to content server on same subnet fre 2010-05-14 klockan 07:17 -0700 skrev Quin Guin: > I have a remote server sending a HTTP CONNECT to my server but my > server can't handle an HTTP CONNECT. So I wanted to use squid to > handle the CONNECT method and then send the https requests to my local > server to handle the request. I know that a transparent proxy doesn't > know how to handle the SSL requests because is not operating as a > normal proxy. So I have been using squid as a fwd proxy but it keeps > sending the http CONNECT method to my end server which is causing > issues. So I am asking for ideas on what I need to do to look at do > this. I have tried various iptables rules and cache_peers but nothing > is seeming to work I am using pretty much the default config except > for my local network IPs and ACL to allow the traffic. You should not require anything special. Just Squid configured as a plain proxy and allowing this remote server to access it. Note that you SHOULD NOT configure Squid as a reverse proxy. CONNECT is a proxy method. But as amos mentioned, why is that remote server sending your CONNECT requests in the first place? Probably better to address the problem there. Regards Henrik
