Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Problem with Proxy on Port 80
  •  
Gargamel

Messages: 7
Karma: 0
Send a private message to this user
Hi

sorry for my bad english:

I must directly connect an http-proxy (Port 80) from my ISP (for eMule - Webcache). But it will not work Sad

If i put the Proxy into proxy-Settings from the Browser (IE, FireFox) it will not work. I get a 404 from my ISP:

Error 404 - Not found.
Explanation: File or directory doesn't exist or is read protected. 
Action: Check to make sure the URL you entered is correct, then retry your request. 

URL: (None)


(none) is a Link: www.kerio.com/(None)

With an other Proxy (port 8080, 3128) the same:

ERROR
The requested URL could not be retrieved

--------------------------------------------------------------------------------

While trying to retrieve the URL: http://www.kerio.com/ 

The following error was encountered: 

Access Denied. 
Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect. 

Your cache administrator is support<at>uk.uu.net. 


When i deactivate WinRoute it will run without any problems.

I've tested some rules - the last:
Source: Any
Destination: Any
Service: TCP 3128
Permit
Translation: non and NAT

I need the directly Connect for my ISP-Proxy for eMule-Webcache - it doesn't work with a forwareded Proxy (Proxy-Settings from WinRoute: Transparent Proxy: forward to partent proxy -> proxy from my ISP) (this work for surfing - but not for webcache)


Bye
Gargamel
  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
You say you need to connect to the proxy of your isp directly on port 80. I asume you are trying to connect from a pc inside the you LAN. Use the following rule:

name: emule proxy isp
source: lan
dest: host of the isp where the proxy is located
service: http
log: packets and connections
translation: nat (default outgoing interface)
protocol inspector: default

create a second rule for other browsing

name: www browsing
source: lan
dest: any
service: http, https
log: packets and connections
translation: nat (default outgoing interface)
protocol inspector: default

Watch the filter log for packets and response.
  •  
Gargamel

Messages: 7
Karma: 0
Send a private message to this user
feite wrote on Wed, 03 November 2004 08:13

You say you need to connect to the proxy of your isp directly on port 80. I asume you are trying to connect from a pc inside the you LAN. Use the following rule:

name: emule proxy isp
source: lan
dest: host of the isp where the proxy is located
service: http
log: packets and connections
translation: nat (default outgoing interface)
protocol inspector: default

create a second rule for other browsing

name: www browsing
source: lan
dest: any
service: http, https
log: packets and connections
translation: nat (default outgoing interface)
protocol inspector: default

Watch the filter log for packets and response.


Hi

it doesn't work Sad

I've create this 2 rules ... the ISP-Proxy-Rule at first, the browsing-Rule at second. In "Status -> Connection" i see that the ISP-Proxy-Rule matched. in the filter log i see nothing. (an other rule matched there => logging is activ)

The eMule-Client is on the same PC as WinRoute! Not on a LAN-Client. I've tested the Proxy-Availibilty with IExplorer on the Server (faster than eMule *G*) (at the moment i can't test the LAN - i'm remote from internet on my Server). I get a 404er from my ISP (not from the site!) - The 404 says that it can find this FILE. The Error-URL: www.kerio.com/(None) ! ... The Proxy thinks that he is the destination-Site.

-----

I have two other Rules for HTTP:
Firewall-Traffic
Source: Firewall
Destination: ISP-Connection
Service: HTTP (protocal inspector)
Translation: nothing

NAT
Source: LAN
Destination: ISP-Connection
Service: HTTP (protocol inspector)
Translation: NAT (default)

I think this are the default rules?

Ciao
Gargamel
  •  
Syafril Hermansyah

Messages: 45
Karma: 0
Send a private message to this user
On Thu, 4 Nov 2004 04:07:07 +0100
Gargamel wrote:

> I've create this 2 rules ... the ISP-Proxy-Rule at first, the browsing-Rule at
> second. In "Status -> Connection" i see that the ISP-Proxy-Rule matched. in
> the filter log i see nothing. (an other rule matched there => logging is
> activ)

Try this

source : local lan, firewall host
destination: internet
service : http proxy
action : permit

if your ISP proxy server on port 3128 no need further setting, but if your ISP's
proxy using port 8080 (for example )
- go to service definition
- edit http proxy port, change to port 8080

--
syafril
-------
Syafril Hermansyah




  •  
Gargamel

Messages: 7
Karma: 0
Send a private message to this user
Syafril Hermansyah wrote on Thu, 04 November 2004 13:29

On Thu, 4 Nov 2004 04:07:07 +0100
Gargamel wrote:

> I've create this 2 rules ... the ISP-Proxy-Rule at first, the browsing-Rule at
> second. In "Status -> Connection" i see that the ISP-Proxy-Rule matched. in
> the filter log i see nothing. (an other rule matched there => logging is
> activ)

Try this

source : local lan, firewall host
destination: internet
service : http proxy
action : permit

if your ISP proxy server on port 3128 no need further setting, but if your ISP's
proxy using port 8080 (for example )
- go to service definition
- edit http proxy port, change to port 8080

--
syafril
-------
Syafril Hermansyah




The HTTP-Service is on Port 80 (the default http-service) - i've made this rule:
local lan, firewall
internet
service http (port 80)

=> Don't run!

I have discovered somethings: if i use a ANONYMOUS-Proxy, it will RUN (for example: 203.130.13.243 Port 8080) with my default rules!

If i test a transparent Proxy: 207.80.58.31 Port 80 i get this problem. (by this proxy without a error-message - only a timeout - with directly inet-connection its works properly - i think this is a Proxy-Config with the errormessage)

The Proxy from my ISP is a transparent-Proxy ...

Bye
Gargamel

  •  
Syafril Hermansyah

Messages: 45
Karma: 0
Send a private message to this user
On Fri, 5 Nov 2004 00:05:52 +0100
Gargamel wrote:

> >
> > source : local lan, firewall host
> > destination: internet
> > service : http proxy
> > action : permit
>
>
> The HTTP-Service is on Port 80 (the default http-service) - i've made this
> rule: local lan, firewall
> internet
> service http (port 80)
>
> => Don't run!

Offcourse, "http proxy" service is differ than http or https; this kind of
service to allow your client to bypass local proxy and use ISP's proxy server.


--
syafril
-------
Syafril Hermansyah




  •  
Gargamel

Messages: 7
Karma: 0
Send a private message to this user
Syafril Hermansyah wrote on Fri, 05 November 2004 02:04


> The HTTP-Service is on Port 80 (the default http-service) - i've made this
> rule: local lan, firewall
> internet
> service http (port 80)
>
> => Don't run!

Offcourse, "http proxy" service is differ than http or https; this kind of
service to allow your client to bypass local proxy and use ISP's proxy server.

--
syafril
-------
Syafril Hermansyah



Hi

sorry - i don't understand ...
I haven't a Service named "HTTP Proxy" ... "HTTP" and "HTTPS" offcourse.

When i use a anon-Proxy it will run - if i use a transparent Proxy, it won't run.

It's possible to use the winroute-Proxy with a transparant proxy - the problem: i must insert localhost into emule - thats a problem - here MUST the proxy from isp inserted Sad

When i make a new Service named "HTTP Proxy" - there no different to the Service "HTTP"?! (Port 80 for "my" Proxy")

Bye
Gargamel
  •  
mk77

Messages: 5
Karma: 0
Send a private message to this user
I think, i had the same Problem.
Look here if this works for you http://forums.kerio.com/index.php?t=msg&th=1827

Hmm... is here someone from the Kerio staff left?
I see so much questions, that a Kerio worker or supporter could very easyly answer.
Do they still visit this forum?

[Updated on: Fri, 05 November 2004 18:42]

  •  
Gargamel

Messages: 7
Karma: 0
Send a private message to this user
mk77 wrote on Fri, 05 November 2004 18:36

I think, i had the same Problem.
Look here if this works for you http://forums.kerio.com/index.php?t=msg&th=1827

Hmm... is here someone from the Kerio staff left?
I see so much questions, that a Kerio worker or supporter could very easyly answer.
Do they still visit this forum?


Hi

<at>first: we use the same Proxy Wink


"Stop Winroute engine and edit the winroute.cfg file. Set the "RemoveHostFromURL" value to "0"." <- thats solved my problem! Yeah Wink

I will test this in next few days (emule-Webcache should now run ... or not *G*) - or: are problems known with this setting? What do this exactly? Can i get problems with Web-Surfing without a proyx? (webserver on port 80,8080 an some special ports (opend at winroute))

Bye
Gargamel
  •  
mk77

Messages: 5
Karma: 0
Send a private message to this user
Gargamel wrote on Fri, 05 November 2004 21:15

Hi

<at>first: we use the same Proxy Wink


"Stop Winroute engine and edit the winroute.cfg file. Set the "RemoveHostFromURL" value to "0"." <- thats solved my problem! Yeah Wink

I will test this in next few days (emule-Webcache should now run ... or not *G*) - or: are problems known with this setting? What do this exactly? Can i get problems with Web-Surfing without a proyx? (webserver on port 80,8080 an some special ports (opend at winroute))

Bye
Gargamel


Everything works perfectly with this setting no matter if with or without Proxy (ok, there is a little Problem with SSL sites throug Proxy, but i think that's a T-Online Problem cause 3-4 Month ago everthing was fine with the same Winroute Version and none of the settings changed)

eMule-Webcache works - hmm.. as it should - every Problem here is a Problem from T-Online Proxy and/or the Webcache Implementation.

I think the Problem is/was, that most Proxies don't like this default Setting:
Quote:

HTTP protocol inspector converts absolute URL to relative one (i.e. removes server name from the URL.


btw: Gargamel.. hmm.. are you THE Gargamel from EES?

[Updated on: Tue, 09 November 2004 02:34]

Previous Topic: WinRoute.exe service priority
Next Topic: NAT vs Non Transparent Proxy
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Nov 22 16:00:12 CET 2017

Total time taken to generate the page: 0.00456 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.