Bumping my old thread, but I am going to try this again from scratch seeing as I have some time now and I was never able to get it working as I wanted!
Those who tried, replied or have it working themselves, could you advise if you read any online guide as to how to correctly set this up? I read a few, and think I did it correct though as mentioned a few months ago, was not able to get the upstream proxy working (seeing as our inet ISP is itself via a proxy).
Is Squid actually running properly?
What platform are you using? On Centos/RH, try the command
service squid status
A common fault when you regenerate the cache directories is the error 'Squid is started but no running copy' or something like that.
On Ubuntu - squid itself did work (I think), as dansguardian did work in that. I am currently running a fresh install anyway as I can't remember what I changed etc and probably easier to start again, but then the risk is configuring all again to get the same issue as last time!
My guess is that the upstream proxy requires authentication - can you confirm if this is the case?
If it is then you will need to use the login=PASS parameter
I had a similar issue a while back with Squid and an upstream proxy that isn't administrated by my department. The upstream proxy sat in a public network and would only allow connections from certain addresses which were the public outside addresses of all the schools that used it. This setup works great when connecting directly to it, but when we tried to go through an internal squid proxy the connections would time out. It turns out in Squid's default configuration it sends the originating internal IP address to the outside proxy in the payload. The outside proxy was looking at this as the originating address instead our outside interface on the firewall and blocking the connection as a result. To disable Squid from passing the internal address to the upstream proxy add this to your config:
I hope this fixes it....
We do not have authentication to our LEA proxy.
Originally Posted by grant_girdwood
Thanks for the advice; I simply can't remember if this was configured or not and I have since reinstalled the lot but personal concerns have meant I have yet to finish that. I'll be sure to try when I next have the opportunity and let you know - it sure does sound like it may be a resolution!
Originally Posted by Duke5A