Not sure why I didn't think of that. Thanks! Josh ________________________________________ From: Eliezer Croitoru [elie...@ngtech.co.il] Sent: Thursday, July 19, 2012 6:12 PM To: squid-users@squid-cache.org Subject: Re: [squid-users] Non-browser applications using NTLM+Squid?
On 7/19/2012 11:29 PM, Baird, Josh wrote: > Hi, > > I'm wondering what others are doing about non-browser applications > (Anti-virus software that fetches updates, instant messengers over HTTP, etc) > that sit behind a Squid proxy that requires NTLM authentication? These > applications, in my experience, use Windows' proxy settings to proxy their > outbound traffic, but can't speak NTLM, so the application is prevented from > proxying any traffic. > > Would a Kerberos integrated Squid be a possible solution to this problem? > > Thanks, > > Josh > very simple.. just allow them all before the authentication acls such as in: acl updates dstdomain .windowsupdates.microsoft.com .antivirusupdates.org acl updates1 dst 192.168.0.1/32 http_access allow localnet updates http_access allow localnet updates1 http_access allow localnet ntlm_auth_helper http_access deny all Regards, Eliezer -- Eliezer Croitoru https://www1.ngtech.co.il IT consulting for Nonprofit organizations eliezer <at> ngtech.co.il
