[CentOS] Squid question

Sat Oct 29 19:37:41 UTC 2016
paul.greene.va <paul.greene.va at verizon.net>

I'm having issues getting squid to send traffic through a specific 
upstream gateway.

I need for a MS WSUS server and a Symantec Endpoint Protection Manager 
to get through a squid proxy to get out to Microsoft and Symantec 
respectively to get MS patches and Symantec DAT files.

The traffic needs to go through the squid proxy, through a firewall, and 
through an upstream McAfee gateway server. If it tries to take a path 
different than that upstream gateway to get out to the internet, it'll 
get dropped.

However, once the traffic goes through the proxy, it tries to go 
directly to the vendor website and not go through the McAfee gateway, 
and therefore is getting blocked by the firewall. The traffic never 
reaches the McAfee gateway.

If I configure a browser to use the proxy server and browse to some 
websites, it can get to http sites, but not https sites. Port 443 is 
what isn't getting through.

I thought this line in squid.conf was supposed to send the traffic to an 
upstream cache_peer parent gateway, but I could easily be 
misunderstanding what its supposed to do. (I'm pretty new with squid)

cache_peer <upstream gateway IP address>      parent 8080  3130  
proxy-only no-query no-netdb-exchange default login=<username>:<password>

The Safe_ports  and SSL_ports is the squid.conf default settings, and 
include both port 443 and port 80 traffic

Thanks,

PG