POP, SMTP and HTTPS don't pass through

Started by henriquelm

POP, SMTP and HTTPS don't pass through   30 July 2010, 04:00

I have just followed this link: http://www.softperfect.com/support/articles/squid/ to setup Squid NT to run on a Windows Server 2008 R2, and http works fine, but even though I have added both ports 80 and 443 to the squid rule, https doesn't work. I also would like to give access to the users to ports 25 and 110.

How do I get https, pop, and smtp to pass through Softperfect Bandwidth Manager?

Thanks
SoftPerfect Support forum - Andrew avatar image

Re: POP, SMTP and HTTPS don't pass through   30 July 2010, 06:33

Squid is designed to be a web-cache, meaning a limited set of protocols is supported. According to the docs it only supports HTTP, FTP, Gopher, WAIS and SSL. Moreover, SSL is not cached and may require additional configuration. Basically, it only makes sense to route port 80 via Squid.

In other words, the following ruleset will do:
Rule 1
Source: Client
Destination: Any: 80
Protocol: TCP
Advanced: Forward to Squid

Rule 2
Source: Client
Destination: Any: Any
Protocol: TCP/UDP
Here the first rule routes all web-content via Squid, while everything else is available directly as per the second rule.

POP, SMTP and HTTPS doesn't work!   31 July 2010, 05:54

I have just tried the rules you told me and the ones below and https, pop and smtp still doesn't work.

Rule 1
Direction: Both
Interface: Local Interface
Source: Any: Any
Destination: Any: 80
Protocol: TCP
Advanced: Forward to 3128

Rule 2
Direction: Both
Interface: Local Interface
Source: Any: Any
Destination: Any: Any
Protocol: TCP/UDP
SoftPerfect Support forum - Andrew avatar image

POP, SMTP and HTTPS doesn't work!   31 July 2010, 06:45

Please sketch your network layout as a diagram showing client computers, the server, their IP addresses and how all this is connected to the Internet. I need to know exactly what is connected to what and the IP configuration, in order to able to give helpful advice.

POP, SMTP and HTTPS doesn't work!   01 August 2010, 13:44

My network setup:

Modem ADSL2 - 192.168.3.1

Ethernet cable

Server external nic - 192.168.3.5

Server internal nic - 192.168.2.5

16 port switch

Clients IPs - 192.168.2.100 - 192.168.2.199
SoftPerfect Support forum - Andrew avatar image

POP, SMTP and HTTPS doesn't work!   01 August 2010, 20:40

What do clients have set as the default gateway? I suppose 192.168.3.1?

How is the server configured? Are the internal and external NICs bridged?

Please also provide an example to what host you trying to connect via SMTP/POP3 and what exactly you are getting, e.g. what error messages.

POP, SMTP and HTTPS doesn't work!   03 August 2010, 05:14

I'm sorry, this is not the network setup that I have working right now, this is the setup that I am trying to get working with Squid and Softperfect Bandwidth Manager.

At the moment I only have one network 192.168.2.* and all clients have straight access to the modem.

Modem ADSL2 - 192.168.2.1

Server internal nic - 192.168.2.5

Clients IPs - 192.168.2.100 - 192.168.2.199

--------------------------------------------------------------------------------

>What do clients have set as the default gateway? I suppose 192.168.3.1?

When I was trying to get clients to have access to the internet through the server I was setting the gateway as 192.168.2.5 and it was working for port 80, very slow by the way.

>How is the server configured? Are the internal and external NICs bridged?

I followed the Softperfect Bandwidth Manager tutorial. The server nic cards were not bridged.
SoftPerfect Support forum - Andrew avatar image

POP, SMTP and HTTPS doesn't work!   03 August 2010, 17:14

Now it's become totally unclear. It's crucial to me to understand what exactly you have configured. Okay, supposedly you have the setup shown below

the link no longer exists

If so, please provide a complete output of the ipconfig /all command launched at the server and a client.

POP, SMTP and HTTPS doesn't work!   04 August 2010, 00:17

Yes, this is exactly how my network is setup at the moment.

My client ipconfig /all: http://pastebin.com/y9Syx32s

My server ipconfig /all: http://pastebin.com/bdx5zA34
SoftPerfect Support forum - Andrew avatar image

POP, SMTP and HTTPS doesn't work!   07 August 2010, 18:16

It seems that you have not configured the server properly. Basically if you want the server to act as a gateway, you need to configure the NAT or ICS (Internet Connection Sharing) service. Otherwise, when the server receives requests from the client computers, it does not know what to do.

Ideally, you should reconfigure your network as follows:
the link no longer exists

The server will need to have two NICs installed. One connected to the ADSL modem, the other connected to the switch. The Internet Connection Sharing service or NAT needs to be configured on the server, so it forwards traffic from the clients to the router. The clients will use the server as the default gateway, and perhaps the ADSL modem as DNS server.

POP, SMTP and HTTPS doesn't work!   10 August 2010, 03:53

Yeap, that's how I setup my network every time I try to get squid to work, but because clients were able to access the internet (partially), I didn't know that I had to configure ICS, I thought that Softperfect Bandwidth Manager would be enough.

I’m still not sure on which nic card should I enable the ICS, internal or external?

POP, SMTP and HTTPS doesn't work!   11 August 2010, 03:48

If you are using the internal bridging from BWM it is enough.
It's one or the other: Or the internal bridge or ICS but not both.
I have a BWM+Squid+Windows XP setup and it all works together. Make sure you haven't got some firewall blocking your traffic.
First test your setup without Squid. If that works, add Squid.

If you want to use ICS then you will have to enable it on the WAN (external) side. That's the connection to be shared for internet access.

Cheers,
Arthur
NetSec1

POP, SMTP and HTTPS doesn't work!   11 August 2013, 09:43

I have having a similar problem. I have a Windows Server 2008 box with 2 network cards. The outside card connects to my router and the inside card connects to a switch along with my desktop computers. I am running RRAS on the server to share the internet connection and it works great.

If I run Squid on the server, and point my browsers directly to Squid, all my web traffic works great. HTTP and HTTPS sites both work just fine on the browser, and my Outlook connects to Hosted Exchange no problem.

However, the second I turn on the SoftPerfect Bandwidth Manager in transparency (exactly according to the instructions on this website) my HTTPS websites and my Outlook fail to work. It appears that the Bandwidth Manager does not forward HTTPS (TCP port 443) traffic to Squid, because when I configure the browsers directly to Squid it all works fine.

So if the Bandwidth Manager cannot send the HTTPS traffic to Squid, can it at least be configured to pass the traffic along instead of blocking it? I really need to have transparent proxying on the network, working along with HTTPS and Outlook traffic. I can't do one or the other, I need both.

Much thanks!!
SoftPerfect Support forum - Andrew avatar image

POP, SMTP and HTTPS doesn't work!   12 August 2013, 12:39

Unfortunately making Squid transparently proxy HTTPS traffic is a more complex task than the regular HTTP. There's a some more info here.

Having said that, it may be difficult to get to work. You however should not have any problems with passing HTTPS through. For this, you would generally need to do the following:

1. Create a rule that captures client traffic on all ports

SoftPerfect support forum

2. Create a mapping that redirect everything to the Squid port

SoftPerfect support forum

3. Configure it to pass only HTTP traffic to Squid. So any other traffic will not be processed by the mapping.

SoftPerfect support forum

Sometimes you can get the answer faster if you try the forum search and/or have a look at the software user manual to see if your question has already been answered.

Our forum rules are simple:

  • Be polite.
  • Do not spam.
  • If possible, check your spelling and grammar.

Author:

Email:

Subject

A brief and informative title for your message, approximately 4–8 words:

     

Spam prevention: please enter the following code in the input field below.

 **    **   *******   **      **   ******    ********  
 ***   **  **     **  **  **  **  **    **   **     ** 
 ****  **         **  **  **  **  **         **     ** 
 ** ** **   *******   **  **  **  **   ****  **     ** 
 **  ****         **  **  **  **  **    **   **     ** 
 **   ***  **     **  **  **  **  **    **   **     ** 
 **    **   *******    ***  ***    ******    ********  

Message: