Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: ProStar on May 29, 2002, 12:35:57 AM

Title: problems with proxy and e-banking software
Post by: ProStar on May 29, 2002, 12:35:57 AM
Hello,

I've got an e-smith server with the proxy enabled on my LAN. It works great, except that I cannot get my homebanking-software to work as it should ... Whenever I try to connect I cannot succeed ... it seems as if I'm thrown out before I reach the main page of the homebanking-software.

I've already changed the config file and tried the "no_cache" and "always_direct" for the site of my bank, but it does not seem to work (I'm familiar with the templates and how it works, so no problems there, by the way, the config file is ok).

The application that my bank uses is a java-applet running on top of www-pages.

The reason I know it is the squid proxy is that when I bypass the e-smith proxy (and go to the proxy of my ISP) it works great.

Does anyone have any ideas?

Thanks already for all the replies.

ProStar
Title: Re: problems with proxy and e-banking software
Post by: Kenneth Wellin on May 29, 2002, 10:54:28 AM
Hi,

My guess is that the problem lies in the fact that squid only allows secure connections on certain ports (from memory port 443). So if your banking site uses another port squid will simply drop the connection.

You can get around this by modifying the squid templates to allow for secure connections on the specific port that your banking site uses. I've done this modification in several setups and it seems to do the trick.

Let me know if you need specific help on how to implement the modifications. I've got a small handwritten howto that I could write up and post.

Regards,

Kenneth
Title: Re: problems with proxy and e-banking software
Post by: Jaime Nebrera on May 29, 2002, 11:57:01 PM
Hi Kenneth,

  This would be very much appreciated. I have seen a similar problem accessing Hacienda (IS here in Spain) systems. SQUID says something like ACL denied access to port 8000. I have asked them and they say you need to open ports 8000 to 8009. Right now, I can't use the proxy when I want to access their systems :(

  Regards
Title: Re: problems with proxy and e-banking software
Post by: Bobby on June 04, 2002, 07:19:12 PM
Kenneth:
I'd appreciate a quick how to on this also, I have an app on a high port running https & it won't work.
Thanks,
Bobby
Title: problems with proxy and e-banking software
Post by: Franco on April 17, 2005, 12:45:05 AM
Has anyone gotten any further here? I'm having similar problems.

Regards,
Title: problems with proxy and e-banking software
Post by: Franco on April 17, 2005, 04:41:56 AM
To add more to my problem, I'm having issues with both a bank service that uses https on port 444 instead of 443, and a service that uses a java application. This last one does not give many details, it tells me I need to apply this command:
Code:
ipfwadm -F accept -m -P tcp -S 10.0.0.0/8 1024:65535 -D 200.201.174.0/24) 80
Title: Re: problems with proxy and e-banking software
Post by: mrjhb3 on April 18, 2005, 06:08:21 AM
Quote from: "Jaime Nebrera"
Hi Kenneth,

  This would be very much appreciated. I have seen a similar problem accessing Hacienda (IS here in Spain) systems. SQUID says something like ACL denied access to port 8000. I have asked them and they say you need to open ports 8000 to 8009. Right now, I can't use the proxy when I want to access their systems :(

Regards


Not sure if you have tried this, or if it will work, but have you tried editing /etc/squid/squid.conf?  Specifically, these lines:

acl SSL_ports port 443 563
acl Safe_ports port 21 70 80 81 119 210 443 563 980 1024-65535

You could back up this file, edit it, restart squid, test.  If it works, then you could add the specific entries into the template-custom files.

Just a thought.

JB
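
Added example (not part of the original posts and not SME Server's own code): a Python check that reads the `acl ... port` lines quoted above and reports which rule would reject a request to a given port. It assumes the stock Squid rules `http_access deny !Safe_ports` and `http_access deny CONNECT !SSL_ports`, which the thread does not quote; the function names and the `FIXED_CONF` variant are constructed for illustration.

```python
# Constructed sample: the two ACL lines from the post above, plus the
# http_access rules of a stock squid.conf (assumed, not shown in the thread).
SAMPLE_CONF = """\
acl SSL_ports port 443 563
acl Safe_ports port 21 70 80 81 119 210 443 563 980 1024-65535
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
"""
# Constructed variant: adds only the ports mentioned in the thread.
FIXED_CONF = ("acl SSL_ports port 444 8000-8009\n"
              "acl Safe_ports port 444\n" + SAMPLE_CONF)

def parse_port_acls(conf_text):
    """Return {acl_name: [(low, high), ...]} for each 'acl NAME port ...' line.
    Repeated lines for one name accumulate, as they do in Squid."""
    acls = {}
    for line in conf_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop trailing comments
        if len(fields) >= 4 and fields[0] == "acl" and fields[2] == "port":
            ranges = acls.setdefault(fields[1], [])
            for token in fields[3:]:
                low, _, high = token.partition("-")
                ranges.append((int(low), int(high or low)))
    return acls

def in_acl(acls, name, port):
    """True if port falls inside any range of the named ACL."""
    return any(low <= port <= high for low, high in acls.get(name, []))

def check_port(conf_text, port, connect):
    """Apply the two assumed deny rules in order; return (allowed, reason).
    connect=True models an HTTPS tunnel (CONNECT), False a plain HTTP request."""
    acls = parse_port_acls(conf_text)
    if not in_acl(acls, "Safe_ports", port):
        return False, "denied by 'http_access deny !Safe_ports'"
    if connect and not in_acl(acls, "SSL_ports", port):
        return False, "denied by 'http_access deny CONNECT !SSL_ports'"
    return True, "not blocked by the port ACLs"

if __name__ == "__main__":
    for label, conf in (("stock", SAMPLE_CONF), ("fixed", FIXED_CONF)):
        for port in (443, 444, 8000, 8010):
            print(label, "CONNECT", port, check_port(conf, port, True))
```

With the lines as quoted, port 444 is rejected by `Safe_ports` before `SSL_ports` is consulted, so it has to be added to both lists, while 8000 to 8009 only need `SSL_ports`.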
Title: problems with proxy and e-banking software
Post by: Franco on April 18, 2005, 07:08:09 AM
Don't know if you direct the post at me, but I tried that already and it does not work for my case, even for the 444 port. I think I need to bypass the proxy completely for it to work.