http – squid proxy – howto allow tcp connect – getting TCP_DENIAL/400 with ERR_INVALID_DOMAIN

http – squid proxy – howto allow tcp connect – getting TCP_DENIAL/400 with ERR_INVALID_DOMAIN

I resolved the same error by commenting out from the default squid.conf:

# Deny CONNECT to other than secure SSL ports
#http_access deny CONNECT !SSL_ports

By default Squid is set up to not allow CONNECT to non-SSL ports. If you want to test without SSL you can disable this by commenting out the line above.

I had the non SSL ports connection allowed as mentioned above but forgot to open the acl from the network I was trying to access. Opening that fixed the issue:

acl localnet src 1.1.0.0/24     # <- My Internal network I am accessing from
acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network

http – squid proxy – howto allow tcp connect – getting TCP_DENIAL/400 with ERR_INVALID_DOMAIN

For me it was the opposite of @peaxol: I had the acl defined but not the http_access allow rule. I had to add them:

acl vpn src xx.xx.xx.xx/xx
...
http_access allow vpn

Leave a Reply

Your email address will not be published.