[prev in list] [next in list] [prev in thread] [next in thread]
List: sidewinder
Subject: [Sidewinder] TCP_MISS/200, 401, 302 errors in squid proxy
From: sidewinder () adeptech ! com
Date: 2004-06-10 19:05:56
Message-ID: 200406102043.i5AKh3q25718 () aag ! adeptech ! com
[Download RAW message or body]
I'd recommend the following:
1) Configure IIS on the Exchange web gateway to allow only Basic
authentication to fix the problem
2) Allow ONLY SSL to access the Exchange web gateway (you don't want to send
Basic authentication credentials unencryupted -- they are just UUENCODE'd
3) Configure the browser to NOT send the NTLM credentials (this can be
configured by "zone")
That works.
JRJ
------------------------------
Message: 3
Date: Wed, 09 Jun 2004 13:00:18 -0500
From: sidewinder@adeptech.com
Subject: [Sidewinder] TCP_MISS/200, 401, 302 errors in squid proxy
To: sidewinder@adeptech.com
Message-ID: <200406091801.i59I1lYf028118@dak.adeptech.com>
Content-Type: text/plain; charset="iso-8859-1"
We're running Sidewinder G2 6.1.0.02. I'm using the WebProxy (Squid) for
outbound HTTP traffic (in transparent mode). I have a user who is trying to
access his home OWA Exchange server. When he tries, the authentication
fails. The first one succeeds, but after that, it fails (and seems to be
inserting our work NT domain instead of his home NT domain). In the audit
log and Squid logs I see several 401 and 302 HTTP message numbers.
Any obvious reasons why this doesn't work? It works for him from other
Internet sites.
-----------
Rod Johnson
mushin@techie.com
_______________________________________________
Sidewinder mailing list
Sidewinder@adeptech.com
http://mail.adeptech.com/mailman/listinfo/sidewinder
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic