Squid Issues getting SPICE proxy to work

Latest response

I'm setting up a SPICE proxy to enable users from an external network to access some RHEL Workstation VDI machines on an internal network.

One thing I should clarify - I only really need the proxy to facilitate communication between users on an external network with VDI machines on an internal network.

If that is the case, then do I only need to do steps 20.1.2 and 20.1.3 in the admin guide? (I thought I had to go through the section 20.2.1 "installing and configuring a squid proxy", but maybe I'm overcomplicating what is needed to just get them communicating correctly)

If it's the latter, this is what I've done so far.

I'm using the squid.conf file recommended in the Virtualization 4.0 Administration guide:

In the document squid.conf looked like this:

https_port 443 key=/etc/squid/proxy.key cert=/etc/squid/proxy.cer sslbump
defaultsite=engine.example.com
cache_peer engine.example.com parent 443 0 no-query originserver ssl
sslcafile=/etc/squid/ca.pem name=engine
cache_peer_access engine allow all
ssl_bump allow all
http_access allow all

It looked like there was a line break that didn't come through correctly in the PDF document so I used this content for squid.conf

https_port 443 key=/etc/squid/proxy.key cert=/etc/squid/proxy.cer ssl-bump defaultsite=engine.example.com
cache_peer engine.example.com parent 443 0 no-query originserver ssl
sslcafile=/etc/squid/ca.pem name=engine
cache_peer_access engine allow all
ssl_bump allow all
http_access allow all

But I'm getting this error when trying to restart the squid service

FATAL: https_port: defaultsite option requires Acceleration mode flag.

Paul

Responses