On 19/01/11 21:41, Hakan Cosar wrote:
Hello,
we are trying to get reverse proxy work for Windows SBS 2008. Active-Sync and
OWA works fine on SBS.
I've exported the certificate from SBS as .pfx and converted it to .pem format.
The Domain name remote.sci.de is not public; instead we use the public
IP-Address.
Any idea?
Cosar
--squid.conf----------------------------------------------------------------
visible_hostname revproxy
Visible hostname is supposed to be the public hostname by which the
public see your proxy machine identified. I would expect it to be
"remote.sci.de" in this case.
debug_options ALL,1
extension_methods RPC_IN_DATA RPC_OUT_DATA
https_port 192.168.50.199:443 accel cert=/etc/squid/cert/sbs2008.pem
key=/etc/squid/cert/sbs2008.key defaultsite=remote.sci.de
cache_peer 192.168.5.34 parent 443 0 no-query originserver login=PASS
front-end-https=on name=exchangeServer
You need at minimum to flag "ssl" on the cache_peer line to turn on SSL
encryption on that link.
acl owa dstdomain remote.sci.de
cache_peer_access exchangeServer allow owa
cache_peer_access exchangeServer allow all
never_direct allow owa
http_access allow owa
http_access allow all
miss_access allow owa
miss_access allow all
--squid.conf----------------------------------------------------------------
Cache.log says:
2011/01/18 16:24:57| Squid Cache (Version 3.0.STABLE20): Exiting normally.
2011/01/18 16:24:58| Starting Squid Cache version 3.0.STABLE20 for
i386-redhat-linux-gnu...
<snip>
2011/01/18 16:24:59| storeLateRelease: released 0 objects
-----BEGIN SSL SESSION PARAMETERS-----
MFECAQECAgMBBAIAhAQABDAgagjWSe3u/7aXYFMw117Ty+i+g2VyHR1hRYLV/PND
yxtyiDO7NYN7MVbNoZ+TOw6hBgIETTWxLqIEAgIBLKQCBAA=
-----END SSL SESSION PARAMETERS-----
2011/01/18 16:26:54| TCP connection to 192.168.5.34/443 failed
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.10
Beta testers wanted for 3.2.0.4
