well lets start from 0...
it's wrong to use a 192.0.0.0/24 network as the rfc is 192.168.0.0/16
10.0.0.0/8 172... (dont remember thi 172 local mask)
i was wondering about your network address and mask from the logs.
in any case this connection is not suppose to work using the proxy
because the tunnel is on the local computer and the proxy cant access
this site.
you should start with a more complex wpad file and to set a DIRECT
directive on local networks such as 10.0.0.0/8 to make sure that the
browser will not use the proxy for the tunnel ip's http access.
in this link :
http://www.findproxyforurl.com/pac_file_examples.html
you can find examples for that.
Elizer
On 24/05/2012 17:22, Fosiul Alam wrote:
Hi
This domain : https://ameymdm.ameygroup.int/mobicontrol/
this is not our domain, its not in our network.
Bascially,
"Jupiter Secuire Network Manager", is creating a tunnel from this pc
to Clients Network
Example :
our network is : 192.0.0.0/24
So its creating a a tunnel from this pc to Client Network
the Ip of those tunnel is :
10.202.40.0/21
10.244.1.148
10.202.32.0/21
and Internet exploer is using that tunnel to connect to that website ..
Now When i am using a proxy setting by hand (no WPAD) , and trying
to connect to the network, it does not work ..
but my first question is :
when I click on this link
https://portal.amey.co.uk/dana/home/launch.cgi?url=https%3A%2F%2Fameymdm.ameygroup.int%2Fmobicontrol%2F
it should take me to the website and ask for certifiate ...
but why it does not do that ??
about DNS : i am using proxy server's dns record .
About the nslookup
If i try from the pc where the tunnel is, from there if i run
nslookup
ameymdm.ameygroup.int
it does not return anything ..
i am so confused. dont understhand where to look for ..
On Thu, May 24, 2012 at 2:50 PM, Eliezer Croitoru<elie...@ngtech.co.il> wrote:
check what dns servers are used on the squid proxy machine.
how do you use squid? as a forward proxy server with wpad? manual browser
config? interception?
try to use nslookup tool from the local computer to the domain :
ameymdm.ameygroup.int
next do it on the squid box and make sure they both work.
if they do work from them both then make sure what dns servers are used in
squid.conf.
another question: are you using the squid box as the network gateway?
network dhcp? network dns?
Eliezer
On 24/05/2012 16:31, Fosiul Alam wrote:
Hi
Thanks for quick response
yes, From external you cant access that link, i belived its internal
let me tell you the steps
a) We go to this website
https://portal.amey.co.uk/supportproviders
after providing username and password
it will tell you to download juniper SEtup Client program.
after the program installed , its created a tunnel from this pc to
customer network
b) then we go to anotehr page where we see a link which actually take us
to
https://portal.amey.co.uk/dana/home/launch.cgi?url=https%3A%2F%2Fameymdm.ameygroup.int%2Fmobicontrol%2F
Now : if i dont use Squid, after click on that link it will give a
Certificate error , then from their it will take you to
https://ameymdm.ameygroup.int/mobicontrol/
but From squid, when i click on bellow link
https://portal.amey.co.uk/dana/home/launch.cgi?url=https%3A%2F%2Fameymdm.ameygroup.int%2Fmobicontrol%2F
it will show a "The webpage cannot be found"
so basically squid does not know how to go to that site
dont why ..
but when i try without squid,,
same computer, same network its works perfectly ..
Please give me light..
fosiul
On Thu, May 24, 2012 at 2:20 PM, Eliezer Croitoru<elie...@ngtech.co.il>
wrote:
it seems like a dns problem.
this domain :ameymdm.ameygroup.int
is an internal one so squid should have access to this dns record.
you can try another solution by using exceptions in iptables for inside
ip's
servers.
Eliezer
On 24/05/2012 16:11, Fosiul Alam wrote:
Hi
i am facing a wired behaviour from squid.
we are trying to connect to via Jupiter windows secure application
manager to a clients network via http( Soti Mobi Control)
its works fine from outside of our network , even though from same
internal network without squid proxy .. but when it try to go via
squid, it does not able to resolve the address!!!
example :
after typing username and password , its goes to here
https://portal.amey.co.uk/dana/home/launch.cgi?url=https%3A%2F%2Fameymdm.ameygroup.int%2Fmobicontrol%2F
and it suppose to through a Certificate Error and from their it should
go
to
https://ameymdm.ameygroup.int/mobicontrol/
but it does not through any Certificate error not it goes to
https://ameymdm.ameygroup.int/mobicontrol/
instead of that its say :
The webpage cannot be found
i think its something to do with "https%3A%2F%2Fameymdm" which squid
does not know how to parse.. there is not any deny in squid log.
the log i get :
1337864980.578 33479 192.0.0.131 TCP_MISS/200 24512 CONNECT
portal.amey.co.uk:443 - DIRECT/216.31.202.163 -
1337865025.716 0 192.0.0.131 TCP_MISS/404 0 CONNECT
ameymdm.ameygroup.int:443 - DIRECT/- -
Can any one help me to find out what happenning ...
As i said, if i try without proxy, it works fine. but with proxy it does
not ..
Regards
--
Eliezer Croitoru
https://www1.ngtech.co.il
IT consulting for Nonprofit organizations
eliezer<at> ngtech.co.il
--
Eliezer Croitoru
https://www1.ngtech.co.il
IT consulting for Nonprofit organizations
eliezer<at> ngtech.co.il
--
Eliezer Croitoru
https://www1.ngtech.co.il
IT consulting for Nonprofit organizations
eliezer <at> ngtech.co.il
