[squid-users] squid reverse proxy infront of exchange 2010
Alex Samad
alex at samad.com.au
Wed Dec 2 09:39:49 UTC 2015
Just to add to this I have a lot of these in the log file
TCP_MISS_ABORTED/000 0 RPC_IN_DATA
TCP_MISS_ABORTED/200 4322 RPC_OUT_DATA
TCP_MISS_ABORTED/000 0 RPC_IN_DATA https:
On 2 December 2015 at 17:24, Alex Samad <alex at samad.com.au> wrote:
> Hi
>
> recently upgraded to squid-3.5.11-1.el6.x86_64 from the centos 6.7 squid 3.1
>
>
> I am now having problems with people who use active sync via this
> connection . seems like emails with attachments aren't making it
> through .
>
> cache_peer 10.32.69.11 parent 443 0 proxy-only no-query no-digest
> originserver login=PASS front-end-https=on ssl
> sslflags=DONT_VERIFY_PEER sslcert=/etc/httpd/conf.d/office.yx.com.crt
> sslkey=/etc/httpd/conf.d/office.yx.com.key name=exchangeServer
>
>
> cache_peer 127.0.0.1 parent 443 0 proxy-only no-query no-digest
> originserver login=PASS ssl sslflags=DONT_VERIFY_PEER
> sslcert=/etc/httpd/conf.d/office.yx.com.crt
> sslkey=/etc/httpd/conf.d/office.yx.com.key name=webServer
> c
>
> # List of acceptable URLs to send to the Exchange server
> acl exch_url url_regex -i office.yieldbroker.com/exchange
> acl exch_url url_regex -i office.yieldbroker.com/exchweb
> acl exch_url url_regex -i office.yieldbroker.com/public
> acl exch_url url_regex -i office.yieldbroker.com/owa
> acl exch_url url_regex -i office.yieldbroker.com/ecp
> acl exch_url url_regex -i office.yieldbroker.com/microsoft-server-activesync
> acl exch_url url_regex -i office.yieldbroker.com/rpc
> acl exch_url url_regex -i office.yieldbroker.com/rpcwithcert
> acl exch_url url_regex -i office.yieldbroker.com/exadmin
> acl exch_url url_regex -i office.yieldbroker.com/oab
> # added after
> acl exch_url url_regex -i office.yieldbroker.com/ews
> # Not configured on exchange 2010
> #acl exch_url url_regex -i office.yieldbroker.com/autodiscover
>
> # Send the Exchange URLs to the Exchange server
> cache_peer_access exchangeServer allow exch_url
>
> # Send everything else to the Apache
> cache_peer_access webServer deny exch_url
>
> # This is to protect Squid
> never_direct allow exch_url
>
> # Logging Configuration
> redirect_rewrites_host_header off
> cache_mem 32 MB
> maximum_object_size_in_memory 128 KB
> cache_log none
> cache_store_log none
>
> access_log stdio:/var/log/squid/office-access.log squid
> #access_log none
> cache_log /var/log/squid/office-cache.log
> #cache_log none
> pid_filename /var/run/squid-office.pid
>
>
> # Set the hostname so that we can see Squid in the path (Optional)
> visible_hostname yieldbroker.com
> deny_info TCP_RESET all
>
> # ACL - required to allow
> #acl all src ALL
>
> # Allow everyone through, internal and external connections
> http_access allow all
> miss_access allow all
>
> icp_port 0
> snmp_port 0
>
> via off
>
>
> The previous setup had worked for at least 18 months.
>
> Alex
More information about the squid-users
mailing list