Welcome, Guest. Please login or register.
Did you miss your activation email?
Thursday 31 October 2024, 11:18:53 am

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14248 Posts in 4376 Topics by 6515 Members
Latest Member: hulteends
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  Problems with Google when Proxy/Content Filter Enabled
0 Members and 2 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Problems with Google when Proxy/Content Filter Enabled  (Read 15614 times)
chelcorob
Jr. Member
*
Offline Offline

Posts: 4


« on: Thursday 12 February 2009, 09:10:09 pm »

Hi

We are having problems with our proxy setup. It is a transparent proxy with no authentication.

It has been working fine for the past month but recently we keep getting "Connection Refused" errors from Squid. Google isn't blocked in any way (we have also added it to the 'allow' list) but we still keep experiencing this problem. Usually, restarting Endian will fix it but it will start to happen again after a day or two.

As a temporary fix we have completely disabled the proxy but this is not an ideal solution as our management likes to see the logs of accessed websites.

The only site it is affecting is Google, all other websites are fine, we have removed all other blocked sites for the purpose of testing this but still no luck.

We are using Endian Community release 2.2.rc3.

Does anyone have any ideas?

Thanks,
Rob.
Logged
npeterson
Full Member
***
Offline Offline

Posts: 90


« Reply #1 on: Saturday 14 February 2009, 04:39:08 am »

Can you do a ping or traceroute to google when its happening? have you checked your dns settings to make sure you are pulling DNS from good servers? Do you see anything in the logs? Are you chaining your connection to another proxy server that is having problems?
Logged
chelcorob
Jr. Member
*
Offline Offline

Posts: 4


« Reply #2 on: Wednesday 18 February 2009, 08:19:09 pm »

The DNS seems to be fine as it works ok when the transparent proxy is disabled (all client machines point to the firewall for DNS which in turn points to OpenDNS) and we don't have it going through any other proxy servers.

I can ping it fine and get the usual responses. Here is the result of a traceroute:

Quote
N:\>tracert google.com

Tracing route to google.com [74.125.45.100]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  10.10.254.4
  2    17 ms    99 ms    99 ms  10.0.1.254
  3     *        *        *     Request timed out.
  4     *       18 ms    19 ms  10.1.2.165
  5    18 ms    18 ms    18 ms  195.66.224.125
  6    18 ms    18 ms    18 ms  209.85.252.42
  7    19 ms    89 ms    18 ms  209.85.130.85
  8    90 ms    94 ms    90 ms  216.239.43.113
  9    94 ms    87 ms    86 ms  209.85.255.140
 10    95 ms    95 ms    95 ms  72.14.239.84
 11    95 ms    95 ms   122 ms  72.14.238.138
 12   107 ms    95 ms   108 ms  216.239.48.69
 13   108 ms   108 ms   108 ms  209.85.253.141
 14   115 ms   107 ms   108 ms  209.85.254.243
 15   122 ms   109 ms   107 ms  yx-in-f100.google.com [74.125.45.100]

Trace complete.


I'm not sure what the 10.1.2.165 IP is as it doesn't appear to be on our network, 10.0.1.254 is our ADSL modem. I'm not too advanced with networking but if an IP is on the 10 range isn't it a private IP and not on the internet?

There isn't anything obvious in the logs that would suggest it was having any problems. It seems to be an intermittent problem so it's hard to pinpoint the exact cause of it however when it does happen, if I add the IP of my workstation to the 'bypass' list on the proxy, I can load google fine so I'm not sure what would cause it to not load.
Logged
npeterson
Full Member
***
Offline Offline

Posts: 90


« Reply #3 on: Friday 20 February 2009, 05:14:18 am »

My Guess would be that your isp is Nat'ing your internet connection with others, just like what you would do internally. Some ISP's are starting to do this if you dont pay for public IP addresses.

However what sticks out to me is 2, 3, & 4 in your traceroute. The High response time on the second and third responces of #2,  The timeouts on #3, and the timeout into #4. I would be looking at your modem or ISP problems more than fw problems.
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.047 seconds with 20 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com