[squid-users] Squid - Can't visit (government site and Banking Site) - Please help
Amos Jeffries
squid3 at treenet.co.nz
Tue Apr 28 16:49:28 UTC 2020
ONn 29/04/20 2:56 am, russel0901 wrote:
> Hi again...
>
> sorry the browser has a configuration, we already static the browser to our
> server 10.20.X.X to port 3333
>
>
> about on the message of error:
>
> This site can’t be reached (on the browser error)
>
> www.bancnetonline.com took too long to respond.
> > Try:
>
> Checking the connection
> Checking the proxy and the firewall
> Running Windows Network Diagnostics
> ERR_TIMED_OUT
>
All worth doing to the best of your abilities, regardless of what help
we provide.
Since Squid-4 said 200 status the TCP connection is _setup_ fine -
implying DNS also okay. However, the time that setup takes may be
relevant. Even if successful it may take long enough to impact the other
layers handshakes.
Path-MTU discovery may still be having issues with packet sizes after
TCP establishment. Missing ACK on any packets is the thing to be looking
for on the TCP connections - both client-Squid and Squid-server.
Then there is the TLS layer handshake. This is across the tunnel between
the client and server.
You can use a TCP packet dump to track the TLS handshake messages
inside the tunnel with wireshark. Or a Squid-4 cache.log at level 9 will
give some indication of what TLS is doing via the I/O sizes. Timing is
again the thing to look for here.
Amos
More information about the squid-users
mailing list