On Fri, Jan 24, 2014 at 6:58 PM, David Jaša wrote: > On Pá, 2014-01-24 at 18:45 +0100, David Jaša wrote: >> On Pá, 2014-01-24 at 09:39 -0800, David Li wrote: >> > David, >> > >> > With SpiceProxy, should I point my admin portal browser to >> > http://proxy_ip_or_fqdn:port? Does it matter which port number to use? >> >> Both FQDN/IP and port do matter. You have to set them so they point to a >> running http proxy server instance (e.g. squid). Engine won't set up a >> spice-capable http proxy > > Just to clarify: you need to tell squid to permit connections to spice > port range (5900-6144 IIRC). It only allows connections to http ports by > default. > > David > >> for you, you have to take care of it yoursef. >> >> What engine can do for you is to configure websocket proxy that allows >> connections by html5 client (the one that runs entirely in browser). >> >> David
On my CentOS 5.10 server (10.4.4.63) that is the squid proxy for engine I have this configuration that works [root@c510 squid]# diff squid.conf squid.conf.orig 578,582d577 < < acl localnet src 10.4.3.0/24 # RFC1918 possible internal network < acl localnet src 10.4.23.0/24 # RFC1918 possible internal network < acl localnet src 10.4.4.0/24 # RFC1918 possible internal network < 625c620 < #http_access deny CONNECT !SSL_ports --- > http_access deny CONNECT !SSL_ports 639d633 < http_access allow localnet 927,928c921 < #http_port 3128 < http_port 80 --- > http_port 3128 My clients where I run the browser that connects to engine (10.4.4.58) are on 10.4.3.0, 10.4.4.0 or 10.4.23.0 networks. No iptables on proxy server oVirt hosts are on 10.4.4.0 netowrk too. HIH, Gianluca _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users