Squid proxy with parent cache and authentication

  • Hi everyone, newbie here :). I'm hoping someone might be able to help me out with a rather awkward setup.

    Basically I'm trying to setup a caching proxy to speed up our crappy internet connection that directs everything to an offsite parent proxy that uses negotiate authentication (required) on a different domain. I want users to be prompted for their username/password as normal and to login to the parent proxy but to have local caching available as well. After tons of research with squid and a lot of trial and error it does seem possible in certain scenarios, but seeing as I have no control over the parent proxy that may be the issue.

    Pfsense is configured with parent proxy details, no icp. Login=PASSTHRU, I have added the custom squid line "never direct always all"

    The clients are prompting for authentication and will process content through the proxy server that doesn't require auth (e.g windows updates) so it's working at a basic level but no matter what it will not accept credentials. username@domain, domain\username etc. No format seems to be working. I've checked the logging and it's just constant miss/407 results. So it looks like it's not accepting the login.

    I've tried playing with the header values in the general proxy settings but nothing seems to be working. I'm guessing that the parent proxy believes it isn't getting a connection directly from the client, but I thought that's what the PASSTHRU option was supposed to fudge?

    Any help would be greatly appreciated,

    Thank you

Log in to reply