[prev in list] [next in list] [prev in thread] [next in thread] 

List:       squid-users
Subject:    RE: [squid-users] Proxy AND reverse proxy
From:       "bret.jerome" <bret.jerome () laposte ! net>
Date:       2007-05-31 16:31:28
Message-ID: JIWZ8G$FE4D125E51983B78AFCC3F8A2737A770 () laposte ! net
[Download RAW message or body]

OK Thanks
For simplified, i try to work with a no ssl site and if it
work i try ssl

I do this in my squid.conf :
http_port 3128 accel defaultsite=SITE
cache_peer 172.17.0.1 parent 80 0 no-query originserver

But I am a error when i try to launch squid : 
FATAL: Bungled squid.conf line 332: http_port 3128 accel
defaultsite=SITE
Squid Cache (Version 2.6.STABLE5-NT): Terminated abnormally.

In resume, my squid work fine in proxy cache mode. This the conf :
http_port 3128   # for proxy cache
cache_peer localhost parent 8080 0 default no-query     # for
use a proxy antivirus

auth_param basic program c:/squid/libexec/squid_ldap_auth.exe
-R -b ......    # for identified my user
auth_param basic children 5
auth_param basic realm Authentification
auth_param basic credentialsttl 30 second

acl MONRESEAU src 172.17.0.0/255.255.0.0 
acl AUTHENT proxy_auth REQUIRED
...
http_access allow MONRESEAU AUTHENT
http_access deny all

In firefox, the proxy config is IP : 192.168.150.1  and port :
3128

Squid is on a server in DMZ.
I have open route and ACL in the firewall
My site in intranet http://172.17.0.1/SITE/ work fine
Now I want to access to this site on internet like this :
http://PU.BL.IC.IP/SITE/
How to do this ?
Thanks.

Jérôme

PS : sorry for my poor english... ;-)


-----Message d'origine-----
De : Henrik Nordstrom [mailto:henrik@henriknordstrom.net] 
Envoyé : mercredi 30 mai 2007 20:10
À : bret.jerome
Cc : squid-users
Objet : Re: [squid-users] Proxy AND reverse proxy

ons 2007-05-30 klockan 15:58 +0200 skrev bret.jerome:

> I use squid-2.6.STABLE5-NT as a proxy for my organisation.
> There are no problem.
> Now, i want to use squid as a reverse proxy, for my website.
> The site what i want to publish is on a IIS6 and SSL.
> In the intranet, the direct connection to the site is 
> https://172.17.1.1/SITE/
> 
> This is my squid config :
> http_port 3128 # for the proxy cache
> httpd_accel_host 172.17.1.1 # IP address of web server 
> httpd_accel_port 443 # Port of web server
httpd_accel_single_host on # 
> Forward uncached requests to single host
httpd_accel_with_proxy on 
> httpd_accel_uses_host_header off

The above is for Squid-2.5, and additionally won't do what you
are after.. (2.5 can't).

For Squid-2.6 see the FAQ. Much simpler, and fully capable of
doing what you are after. For https you need to use the
https_port directive, which requires a usable SSL certificate
(and key).

http://wiki.squid-cache.org/SquidFaq/ReverseProxy

Regards
Henrik


Créez votre adresse électronique prenom.nom@laposte.net 
1 Go d'espace de stockage, anti-spam et anti-virus intégrés.


[prev in list] [next in list] [prev in thread] [next in thread]