Hello Ruiyan,
Which auth have you set in your outlook anywhere setting ? Squid works
fine with Basic but has big troubles with NTLM.
regards
Clem
Le 23/05/2012 22:38, Ruiyuan Jiang a écrit :
Hi, when I tried to test accessing MS exchange server, the outlook just kept
prompt for the user name and password without luck. Here is the message from
squid's access.log from the test:
1337803935.354 6 207.46.14.62 TCP_MISS/200 294 RPC_IN_DATA
https://webmail.juicycouture.com/Rpc/RpcProxy.dll - PINNED/exchangeServer
application/rpc
1337803937.876 6 207.46.14.62 TCP_MISS/401 666 RPC_IN_DATA
https://webmail.juicycouture.com/rpc/rpcproxy.dll? -
FIRST_UP_PARENT/exchangeServer text/html
1337803937.965 11 207.46.14.62 TCP_MISS/401 389 RPC_IN_DATA
https://webmail.juicycouture.com/rpc/rpcproxy.dll? -
FIRST_UP_PARENT/exchangeServer text/html
1337803938.144 6 207.46.14.62 TCP_MISS/401 666 RPC_OUT_DATA
https://webmail.juicycouture.com/rpc/rpcproxy.dll? -
FIRST_UP_PARENT/exchangeServer text/html
1337803938.229 6 207.46.14.62 TCP_MISS/401 389 RPC_OUT_DATA
https://webmail.juicycouture.com/rpc/rpcproxy.dll? -
FIRST_UP_PARENT/exchangeServer text/html
Here is my squid.conf for the test:
https_port 156.146.2.196:443 accel
cert=/opt/squid-3.1.19/ssl.crt/webmail_juicycouture_com.crt
key=/opt/squid-3.1.19/ssl.crt/webmail_juicycouture_com.key
cafile=/opt/apache2.2.21/conf/ssl.crt/DigiCertCA.crt
defaultsite=webmail.juicycouture.com
cache_peer internal_ex_serv parent 443 0 no-query originserver login=PASS ssl
sslflags=DONT_VERIFY_PEER,DONT_VERIFY_DOMAIN name=exchangeServer
acl EXCH dstdomain .juicycouture.com
cache_peer_access exchangeServer allow EXCH
cache_peer_access exchangeServer deny all
never_direct allow EXCH
http_access allow EXCH
http_access deny all
miss_access allow EXCH
miss_access deny all
Where did I do wrong? I also tried a different squid.conf (basically remove all
the ACLs) but got the same message in access.log:
https_port 156.146.2.196:443 accel
cert=/opt/squid-3.1.19/ssl.crt/webmail_juicycouture_com.crt
key=/opt/squid-3.1.19/ssl.crt/webmail_juicycouture_com.key
cafile=/opt/apache2.2.21/conf/ssl.crt/DigiCertCA.crt
defaultsite=webmail.juicycouture.com
cache_peer internal_ex_serv parent 443 0 no-query originserver login=PASS ssl
sslflags=DONT_VERIFY_PEER,DONT_VERIFY_DOMAIN name=exchangeServer
cache_peer_access exchangeServer allow all
http_access allow all
miss_access allow all
Thanks.
Ryan Jiang
This message (including any attachments) is intended
solely for the specific individual(s) or entity(ies) named
above, and may contain legally privileged and
confidential information. If you are not the intended
recipient, please notify the sender immediately by
replying to this message and then delete it.
Any disclosure, copying, or distribution of this message,
or the taking of any action based on it, by other than the
intended recipient, is strictly prohibited.
