Hello list, i want to use my squid in accelerator mode to secure the access to our Exchange Server (Outlook Webaccess). If i use port 80 to connect to the squid, it works fine. All traffic to the Exchange Server will be routed to the squid. With netstat -an i can see it. If i connect with port 443 to the squid, i see a message like this: the side contains secure and unsecure objects. Do you want to display the unsecure objects ? When i press the YES button, my workstation connect to the Exchange Server direct. I see it with netstat -an. This is my configuration:
Debian GNU Linux woody Squid-2.5.Stable7 Usersystem ----HTTPS---------------- Squid -----------------HTTP---------------- Exchange Server owa.testnetz.de exchange.testnetz.de Request: 192.168.20.10 192.168.20.20 https://owa.testnetz.de/exchange Certificate is generated for owa.testnetz.de /opt/squid/etc/squid.conf http_port 80 https_port 443 cert=/opt/squid/etc/server.crt key=/opt/squid/etc/server.key httpd_accel_host 192.168.20.20 httpd_accel_port 80 httpd_accel_uses_host_header on httpd_accel_single_host off cache_mgr [EMAIL PROTECTED] visible_hostname owa.testnetz.de dns_testnames owa.testnetz.de debug_options ALL,2 logfile_rotate 5 cache_log /opt/squid/var/logs/cache.log cache_access_log /opt/squid/var/logs/access.log cache_store_log /opt/squid/var/logs/store.log coredump_dir /opt/squid/var/logs/ pid_filename /opt/squid/var/logs/squid.pid error_directory /opt/squid/share/errors/German cache_replacement_policy lru cache_dir ufs /opt/squid/var/cache 1024 64 256 cache_swap_low 90 cache_swap_high 95 maximum_object_size 2046 MB store_dir_select_algorithm least-load cache_mem 64 MB maximum_object_size_in_memory 64 KB memory_replacement_policy lru mime_table /opt/squid/etc/mime.conf ipcache_size 10000 ipcache_low 90 ipcache_high 95 fqdncache_size 1024 refresh_pattern . 0 20% 4320 acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl Exchange_IP dst 192.168.20.20 acl SSL_ports port 443 acl Safe_ports port 443 # https acl Safe_ports port 80 # http acl Exchange_Port port 80 acl CONNECT method CONNECT always_direct allow all http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access allow all Exchange_IP http_access deny all http_reply_access allow all icp_access deny all cache_effective_user squid cache_effective_group squid /etc/hosts edm:~# cat /etc/hosts 127.0.0.1 localhost 192.168.20.20 owa.testnetz.de owa can anyone help me ?? tino Mit freundlichen Grüssen Tino Glatzel badenIT Innovationstechnologie für Ihre Zukunft Tino Glatzel badenIT GmbH System Support Tullastr. 70 D-79108 Freiburg Tel. +49 761 279-2804 Fax +49 761 279-572804 mailto:[EMAIL PROTECTED] www.badenIT.de