On 26/09/2013 12:58 a.m., kazio wolny wrote:
Hello,
I get tired of the topic already two days and I have no power, so please help
...
I did install squid3 (v3.1.19) integrated with AD (according
http://wiki.bitbinary.com/index.php/Active_Directory_Integrated_Squid_Proxy).
Allowing only users who belong to the Admin-Internet. Everything is ok for
browsers and Kerberos, NTLM, LDAP even.
Only I have a problem with Skype - in access.log I see:
1380113279.753 0 10.22.88.22 TCP_DENIED/407 3811 CONNECT 157.56.123.82:443 -
NONE / - text / html;
1380113279.794 0 10.22.88.22 TCP_DENIED/407 3866 CONNECT 157.56.123.82:443 -
NONE / - text / html;
1 1380113281.723 3766 10.22.15.104 TCP_DENIED/407 CONNECT 91.190.216.54:443 -
NONE / - text / html;
I tried to correct it as http://wiki.squid-cache.org/ConfigExamples/Chat/Skype
and other variations, but nothing helps.
Well... if Skype did support authentication you would still see these
log lines as part of the normal authentication challenge process. That
goes for all authentication types, NTLM is somewhat special in that it
always shows up with two 407 in a row like the *.22 client lines above.
This may help you:
https://support.skype.com/en/faq/FA1017/can-i-connect-to-skype-through-a-proxy-server
My experience is that Skype has supported proxies and authentication
nicely enough in all releases for the last ~2 years not to need any
special consideration in the proxy config.
Amos
