Re: [squid-users] NTLM broken when using a parent proxy...
Hi Guido, did you had a chance to test the configuration yet? Danny -- Whenever, wherever http://www.cyberdelia.de We're meant to be together [EMAIL PROTECTED] I'll be there and you'll be near And that's the deal my dear
Re: [squid-users] NTLM broken when using a parent proxy...
Hi Daniel, At 08.55 12/09/2003, Daniel Meyer wrote: Hi Guido, did you had a chance to test the configuration yet? Not yet, sorry. But I think it should be better if you send me all the squid.conf file. Regards Guido - Guido Serassio Acme Consulting S.r.l. Via Gorizia, 69 10136 - Torino - ITALY Tel. : +39.011.3249426 Fax. : +39.011.3293665 Email: [EMAIL PROTECTED] WWW: http://www.acmeconsulting.it/
Re: [squid-users] NTLM broken when using a parent proxy...
Hi Guido, Please, do You can post your squid configuration ? I like to try it on a not Windows machine to see what happens and after compare with a Windows environment. Here we go. Should be all the non-default lines from squid.conf: http_port 8080 cache_peer 127.0.0.1 parent 8000 0 no-query prefer_direct off cache_mem 32 MB cache_dir ufs e:/squid/var/cache 2048 16 256 cache_access_log e:/squid/var/logs/access.log cache_log e:/squid/var/logs/cache.log cache_store_log e:/squid/var/logs/store.log mime_table e:/squid/etc/mime.conf pid_filename e:/squid/var/logs/squid.pid diskd_program e:/squid/libexec/diskd.exe unlinkd_program e:/squid/libexec/unlinkd.exe pinger_program e:/squid/libexec/pinger.exe auth_param ntlm program e:/squid/libexec/ntlm_win32_auth.exe auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 32 auth_param ntlm max_challenge_lifetime 15 minutes auth_param basic program e:/squid/libexec/nt_auth.exe -D SIEPMANN auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours auth_param basic children 5 acl Eingeschraenkt proxy_auth e:/squid/etc/Eingeschraenkte_Benutzer.txt acl Allgemein proxy_auth e:/squid/etc/Allgemeine_Benutzer.txt acl ErlaubteDomains url_regex e:/squid/etc/Erlaubte_Domains.txt http_access allow Eingeschraenkt ErlaubteDomains http_access deny Eingeschraenkt !ErlaubteDomains http_access allow all Allgemein Danny -- Whenever, wherever http://www.cyberdelia.de We're meant to be together [EMAIL PROTECTED] I'll be there and you'll be near And that's the deal my dear
[squid-users] NTLM broken when using a parent proxy...
Hi everyone, i have SquidNT running with NTLM authentication. Everything is running fine after the tips from Guido (thanks again). Now i configured the proxy to use a parent proxy, and prefere that parent over direct connections. After i did that NTLM broke. If the parent proxy is dead, then everything works fine. The users are authenticated by their InternetExplorer, no questions, usernames or passwords asked. If the parent proxy is alive, then NTLM breaks. Squid asks for a username and password, and even if you enter a valid combination the request is denied. Thats quite bad because we want to take advantage of NTLM (not bugging the users with entering username and password everytime they start a new browser and still have authentication) and of the Viruswall (the parent proxy). Any hints? Danny -- Whenever, wherever http://www.cyberdelia.de We're meant to be together [EMAIL PROTECTED] I'll be there and you'll be near And that's the deal my dear
Re: [squid-users] NTLM broken when using a parent proxy...
tis 2003-09-09 klockan 16.11 skrev Daniel Meyer: If the parent proxy is dead, then everything works fine. The users are authenticated by their InternetExplorer, no questions, usernames or passwords asked. If the parent proxy is alive, then NTLM breaks. Squid asks for a username and password, and even if you enter a valid combination the request is denied. Maybe the parent also requires authentication? Regards Henrik -- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org Please consult the Squid FAQ and other available documentation before asking Squid questions, and use the squid-users mailing-list when no answer can be found. Private support questions is only answered for a fee or as part of a commercial Squid support contract. If you need commercial Squid support or cost effective Squid and firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, [EMAIL PROTECTED]
Re: [squid-users] NTLM broken when using a parent proxy...
On 9 Sep 2003, Henrik Nordstrom wrote: tis 2003-09-09 klockan 16.11 skrev Daniel Meyer: If the parent proxy is dead, then everything works fine. The users are authenticated by their InternetExplorer, no questions, usernames or passwords asked. If the parent proxy is alive, then NTLM breaks. Squid asks for a username and password, and even if you enter a valid combination the request is denied. Maybe the parent also requires authentication? No. I can use the parent proxy without authentication, verified by just changing the proxy setting in the browser. Danny -- Whenever, wherever http://www.cyberdelia.de We're meant to be together [EMAIL PROTECTED] I'll be there and you'll be near And that's the deal my dear
Re: [squid-users] NTLM broken when using a parent proxy...
Hi Daniel, At 16.11 09/09/2003, Daniel Meyer wrote: Hi everyone, i have SquidNT running with NTLM authentication. Everything is running fine after the tips from Guido (thanks again). Now i configured the proxy to use a parent proxy, and prefere that parent over direct connections. After i did that NTLM broke. If the parent proxy is dead, then everything works fine. The users are authenticated by their InternetExplorer, no questions, usernames or passwords asked. If the parent proxy is alive, then NTLM breaks. Squid asks for a username and password, and even if you enter a valid combination the request is denied. Thats quite bad because we want to take advantage of NTLM (not bugging the users with entering username and password everytime they start a new browser and still have authentication) and of the Viruswall (the parent proxy). Any hints? Please, do You can post your squid configuration ? I like to try it on a not Windows machine to see what happens and after compare with a Windows environment. Regards Guido - Guido Serassio Acme Consulting S.r.l. Via Gorizia, 69 10136 - Torino - ITALY Tel. : +39.011.3249426 Fax. : +39.011.3293665 Email: [EMAIL PROTECTED] WWW: http://www.acmeconsulting.it/
