Giovanni Vecchi | 18 Oct 09:11 2011
Picon

Endian FW 2.4.1 & Skype

Hi everybody.
I've got a little problem with Skype: when proxy settings are set, it 
periodically disconnect and reconnect user.

Any idea to fix it?

Thanks, bye!

Il contenuto di questa comunicazione ha natura riservata ed è destinato esclusivamente alla persona o
ente cui essa è indirizzata. Qualsiasi forma di utilizzo non autorizzato del contenuto di questo
messaggio non è consentito. Se non siete il destinatario designato di questo messaggio e del suo
contenuto Vi preghiamo di comunicarlo immediatamente al mittente e di distruggere il messaggio ed i suoi
eventuali allegati.  
This comunication is confidential and intended for the addressee(s) only. Any form of unauthorized use of
the content of this e-mail is not permitted.If you are not the intended recipent of this message and its
contents, please notify the sender immediately and delete this message and all its attachments.  

------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
Farzan Qureshi | 18 Oct 09:25 2011
Picon

Re: Endian FW 2.4.1 & Skype

This could be due to several issues.

Bandwidth is choking.

Outgoing firewall drops the connection. Disable it under endian and test it for a while.
I am using skype too but it is running smoothly.

Rgrds
Farzan

On Oct 18, 2011 8:13 PM, "Giovanni Vecchi" <giovanni.vecchi-Vt427sO+ix0@public.gmane.org> wrote:
Hi everybody.
I've got a little problem with Skype: when proxy settings are set, it
periodically disconnect and reconnect user.

Any idea to fix it?

Thanks, bye!

Il contenuto di questa comunicazione ha natura riservata ed è destinato esclusivamente alla persona o ente cui essa è indirizzata. Qualsiasi forma di utilizzo non autorizzato del contenuto di questo messaggio non è consentito. Se non siete il destinatario designato di questo messaggio e del suo contenuto Vi preghiamo di comunicarlo immediatamente al mittente e di distruggere il messaggio ed i suoi eventuali allegati.
This comunication is confidential and intended for the addressee(s) only. Any form of unauthorized use of the content of this e-mail is not permitted.If you are not the intended recipent of this message and its contents, please notify the sender immediately and delete this message and all its attachments.

------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
_______________________________________________
Efw-user mailing list
Efw-user-5NWGOfrQmneRv+LV9MX5ug@public.gmane.orge.net
https://lists.sourceforge.net/lists/listinfo/efw-user
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user
Giovanni Vecchi | 18 Oct 09:37 2011
Picon

Re: Endian FW 2.4.1 & Skype

> This could be due to several issues.
> Bandwidth is choking.
> Outgoing firewall drops the connection. Disable it under endian and test
> it for a while.
> I am using skype too but it is running smoothly.

I use Endian only as Web Proxy, so it isn't the default gateway for hosts.
Before installing Endian, skype worked well (because there wasn't any 
proxy).
So, I think that the problem is into Web Proxy features...

Il contenuto di questa comunicazione ha natura riservata ed è destinato esclusivamente alla persona o
ente cui essa è indirizzata. Qualsiasi forma di utilizzo non autorizzato del contenuto di questo
messaggio non è consentito. Se non siete il destinatario designato di questo messaggio e del suo
contenuto Vi preghiamo di comunicarlo immediatamente al mittente e di distruggere il messaggio ed i suoi
eventuali allegati.  
This comunication is confidential and intended for the addressee(s) only. Any form of unauthorized use of
the content of this e-mail is not permitted.If you are not the intended recipent of this message and its
contents, please notify the sender immediately and delete this message and all its attachments.  

------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
Farzan Qureshi | 21 Oct 08:50 2011
Picon

Re: Endian FW 2.4.1 & Skype

Have you defined any access policy?

Farzan Qureshi | Network Technician & Help-desk Support | Rosmini College | (09) 487 0 530

On Oct 18, 2011 8:39 PM, "Giovanni Vecchi" <giovanni.vecchi-Vt427sO+ix0@public.gmane.org> wrote:
> This could be due to several issues.
> Bandwidth is choking.
> Outgoing firewall drops the connection. Disable it under endian and test
> it for a while.
> I am using skype too but it is running smoothly.

I use Endian only as Web Proxy, so it isn't the default gateway for hosts.
Before installing Endian, skype worked well (because there wasn't any
proxy).
So, I think that the problem is into Web Proxy features...

Il contenuto di questa comunicazione ha natura riservata ed è destinato esclusivamente alla persona o ente cui essa è indirizzata. Qualsiasi forma di utilizzo non autorizzato del contenuto di questo messaggio non è consentito. Se non siete il destinatario designato di questo messaggio e del suo contenuto Vi preghiamo di comunicarlo immediatamente al mittente e di distruggere il messaggio ed i suoi eventuali allegati.
This comunication is confidential and intended for the addressee(s) only. Any form of unauthorized use of the content of this e-mail is not permitted.If you are not the intended recipent of this message and its contents, please notify the sender immediately and delete this message and all its attachments.

------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
_______________________________________________
Efw-user mailing list
Efw-user-5NWGOfrQmneRv+LV9MX5ug@public.gmane.orge.net
https://lists.sourceforge.net/lists/listinfo/efw-user
------------------------------------------------------------------------------
The demand for IT networking professionals continues to grow, and the
demand for specialized networking skills is growing even more rapidly.
Take a complimentary Learning <at> Cisco Self-Assessment and learn 
about Cisco certifications, training, and career opportunities. 
http://p.sf.net/sfu/cisco-dev2dev
_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user
Giovanni Vecchi | 21 Oct 10:18 2011
Picon

Re: Endian FW 2.4.1 & Skype


> Have you defined any access policy?

User can connect to internet after login (NLTM authentication) and there 
are some contentfilter profile for each NTLM groups, but it works well.
Skype is set to use Proxy to connect, so it connects correctly.

Il contenuto di questa comunicazione ha natura riservata ed è destinato esclusivamente alla persona o
ente cui essa è indirizzata. Qualsiasi forma di utilizzo non autorizzato del contenuto di questo
messaggio non è consentito. Se non siete il destinatario designato di questo messaggio e del suo
contenuto Vi preghiamo di comunicarlo immediatamente al mittente e di distruggere il messaggio ed i suoi
eventuali allegati.  
This comunication is confidential and intended for the addressee(s) only. Any form of unauthorized use of
the content of this e-mail is not permitted.If you are not the intended recipent of this message and its
contents, please notify the sender immediately and delete this message and all its attachments.  

------------------------------------------------------------------------------
The demand for IT networking professionals continues to grow, and the
demand for specialized networking skills is growing even more rapidly.
Take a complimentary Learning <at> Cisco Self-Assessment and learn 
about Cisco certifications, training, and career opportunities. 
http://p.sf.net/sfu/cisco-dev2dev
Farzan Qureshi | 21 Oct 10:24 2011
Picon

Re: Endian FW 2.4.1 & Skype

Which Port on which skype is working ? Under skype connection properties....and is it checked to use port 80 ?

On Oct 21, 2011 9:20 PM, "Giovanni Vecchi" <giovanni.vecchi-Vt427sO+ix0@public.gmane.org> wrote:

> Have you defined any access policy?

User can connect to internet after login (NLTM authentication) and there
are some contentfilter profile for each NTLM groups, but it works well.
Skype is set to use Proxy to connect, so it connects correctly.


Il contenuto di questa comunicazione ha natura riservata ed è destinato esclusivamente alla persona o ente cui essa è indirizzata. Qualsiasi forma di utilizzo non autorizzato del contenuto di questo messaggio non è consentito. Se non siete il destinatario designato di questo messaggio e del suo contenuto Vi preghiamo di comunicarlo immediatamente al mittente e di distruggere il messaggio ed i suoi eventuali allegati.
This comunication is confidential and intended for the addressee(s) only. Any form of unauthorized use of the content of this e-mail is not permitted.If you are not the intended recipent of this message and its contents, please notify the sender immediately and delete this message and all its attachments.

------------------------------------------------------------------------------
The demand for IT networking professionals continues to grow, and the
demand for specialized networking skills is growing even more rapidly.
Take a complimentary Learning <at> Cisco Self-Assessment and learn
about Cisco certifications, training, and career opportunities.
http://p.sf.net/sfu/cisco-dev2dev
_______________________________________________
Efw-user mailing list
Efw-user-5NWGOfrQmneRv+LV9MX5ug@public.gmane.orge.net
https://lists.sourceforge.net/lists/listinfo/efw-user
------------------------------------------------------------------------------
The demand for IT networking professionals continues to grow, and the
demand for specialized networking skills is growing even more rapidly.
Take a complimentary Learning <at> Cisco Self-Assessment and learn 
about Cisco certifications, training, and career opportunities. 
http://p.sf.net/sfu/cisco-dev2dev
_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user
Giovanni Vecchi | 21 Oct 11:46 2011
Picon

Re: Endian FW 2.4.1 & Skype


> Which Port on which skype is working ? Under skype connection
> properties....and is it checked to use port 80 ?

Skype -> Tools -> Options -> Advanced -> Connection ->

Use port 25156 for incoming connections

[V] Use ports 80 and 443 as alternative for incoming connections

Automatic Proxy detection

[V] Enable proxy authentication
Username: <user>
Password: <password>

where automatic proxy detection works for all browsers and OS.

Skype >= 5.3.32.111

Il contenuto di questa comunicazione ha natura riservata ed è destinato esclusivamente alla persona o
ente cui essa è indirizzata. Qualsiasi forma di utilizzo non autorizzato del contenuto di questo
messaggio non è consentito. Se non siete il destinatario designato di questo messaggio e del suo
contenuto Vi preghiamo di comunicarlo immediatamente al mittente e di distruggere il messaggio ed i suoi
eventuali allegati.  
This comunication is confidential and intended for the addressee(s) only. Any form of unauthorized use of
the content of this e-mail is not permitted.If you are not the intended recipent of this message and its
contents, please notify the sender immediately and delete this message and all its attachments.  

------------------------------------------------------------------------------
The demand for IT networking professionals continues to grow, and the
demand for specialized networking skills is growing even more rapidly.
Take a complimentary Learning <at> Cisco Self-Assessment and learn 
about Cisco certifications, training, and career opportunities. 
http://p.sf.net/sfu/cisco-dev2dev
Farzan Qureshi | 21 Oct 12:25 2011
Picon

Re: Endian FW 2.4.1 & Skype

In my organization i m using port # 64857. Else everything is same as yours....

On Oct 21, 2011 10:49 PM, "Giovanni Vecchi" <giovanni.vecchi <at> saer.it> wrote:

> Which Port on which skype is working ? Under skype connection
> properties....and is it checked to use port 80 ?

Skype -> Tools -> Options -> Advanced -> Connection ->

Use port 25156 for incoming connections

[V] Use ports 80 and 443 as alternative for incoming connections

Automatic Proxy detection

[V] Enable proxy authentication
Username: <user>
Password: <password>

where automatic proxy detection works for all browsers and OS.

Skype >= 5.3.32.111

Il contenuto di questa comunicazione ha natura riservata ed è destinato esclusivamente alla persona o ente cui essa è indirizzata. Qualsiasi forma di utilizzo non autorizzato del contenuto di questo messaggio non è consentito. Se non siete il destinatario designato di questo messaggio e del suo contenuto Vi preghiamo di comunicarlo immediatamente al mittente e di distruggere il messaggio ed i suoi eventuali allegati.
This comunication is confidential and intended for the addressee(s) only. Any form of unauthorized use of the content of this e-mail is not permitted.If you are not the intended recipent of this message and its contents, please notify the sender immediately and delete this message and all its attachments.

------------------------------------------------------------------------------
The demand for IT networking professionals continues to grow, and the
demand for specialized networking skills is growing even more rapidly.
Take a complimentary Learning <at> Cisco Self-Assessment and learn
about Cisco certifications, training, and career opportunities.
http://p.sf.net/sfu/cisco-dev2dev
_______________________________________________
Efw-user mailing list
Efw-user-5NWGOfrQmneRv+LV9MX5ug@public.gmane.orge.net
https://lists.sourceforge.net/lists/listinfo/efw-user
------------------------------------------------------------------------------
The demand for IT networking professionals continues to grow, and the
demand for specialized networking skills is growing even more rapidly.
Take a complimentary Learning <at> Cisco Self-Assessment and learn 
about Cisco certifications, training, and career opportunities. 
http://p.sf.net/sfu/cisco-dev2dev
_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user
Giovanni Vecchi | 21 Oct 14:04 2011
Picon

Re: Endian FW 2.4.1 & Skype


> In my organization i m using port # 64857. Else everything is same as
> yours....

I don't set the port, Skype takes this one; but this is an incoming 
port, so EFW doens't care of it.

I think that skype try to keep itself connected to some web site or 
external host and Squid close connection after N minutes...

The issue of "disconnect and reconnect" is not very close in time (maybe 
every half an hour) but is periodically during the day: did you ever 
notice this behaviour?

Il contenuto di questa comunicazione ha natura riservata ed è destinato esclusivamente alla persona o
ente cui essa è indirizzata. Qualsiasi forma di utilizzo non autorizzato del contenuto di questo
messaggio non è consentito. Se non siete il destinatario designato di questo messaggio e del suo
contenuto Vi preghiamo di comunicarlo immediatamente al mittente e di distruggere il messaggio ed i suoi
eventuali allegati.  
This comunication is confidential and intended for the addressee(s) only. Any form of unauthorized use of
the content of this e-mail is not permitted.If you are not the intended recipent of this message and its
contents, please notify the sender immediately and delete this message and all its attachments.  

------------------------------------------------------------------------------
The demand for IT networking professionals continues to grow, and the
demand for specialized networking skills is growing even more rapidly.
Take a complimentary Learning <at> Cisco Self-Assessment and learn 
about Cisco certifications, training, and career opportunities. 
http://p.sf.net/sfu/cisco-dev2dev
Farzan Qureshi | 21 Oct 22:33 2011
Picon

Re: Endian FW 2.4.1 & Skype

Fortunately no :-) and it also never drops even for video calls which are upto an hour or two hours. It works just fine...
Skype is a time critical app thus if it experience a small drop in connection due to bandwidth choking or back pressure at network interfaces it drops. Also try to remove the check against use alternate ports. Port 80 is directed to squis cache as it is only capable of handling http traffic. Port 80 make it consider as it is a http request. I have to check at my organization after this weekend that if i m using alternate ports or not...

On Oct 22, 2011 1:06 AM, "Giovanni Vecchi" <giovanni.vecchi-Vt427sO+ix0@public.gmane.org> wrote:

> In my organization i m using port # 64857. Else everything is same as
> yours....

I don't set the port, Skype takes this one; but this is an incoming
port, so EFW doens't care of it.

I think that skype try to keep itself connected to some web site or
external host and Squid close connection after N minutes...

The issue of "disconnect and reconnect" is not very close in time (maybe
every half an hour) but is periodically during the day: did you ever
notice this behaviour?


Il contenuto di questa comunicazione ha natura riservata ed è destinato esclusivamente alla persona o ente cui essa è indirizzata. Qualsiasi forma di utilizzo non autorizzato del contenuto di questo messaggio non è consentito. Se non siete il destinatario designato di questo messaggio e del suo contenuto Vi preghiamo di comunicarlo immediatamente al mittente e di distruggere il messaggio ed i suoi eventuali allegati.
This comunication is confidential and intended for the addressee(s) only. Any form of unauthorized use of the content of this e-mail is not permitted.If you are not the intended recipent of this message and its contents, please notify the sender immediately and delete this message and all its attachments.

------------------------------------------------------------------------------
The demand for IT networking professionals continues to grow, and the
demand for specialized networking skills is growing even more rapidly.
Take a complimentary Learning <at> Cisco Self-Assessment and learn
about Cisco certifications, training, and career opportunities.
http://p.sf.net/sfu/cisco-dev2dev
_______________________________________________
Efw-user mailing list
Efw-user-5NWGOfrQmneRv+LV9MX5ug@public.gmane.orge.net
https://lists.sourceforge.net/lists/listinfo/efw-user
------------------------------------------------------------------------------
The demand for IT networking professionals continues to grow, and the
demand for specialized networking skills is growing even more rapidly.
Take a complimentary Learning <at> Cisco Self-Assessment and learn 
about Cisco certifications, training, and career opportunities. 
http://p.sf.net/sfu/cisco-dev2dev
_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user
Giovanni Vecchi | 9 Nov 09:53 2011
Picon

Re: Endian FW 2.4.1 & Skype


> Fortunately no :-) and it also never drops even for video calls which
> are upto an hour or two hours. It works just fine...
> Skype is a time critical app thus if it experience a small drop in
> connection due to bandwidth choking or back pressure at network
> interfaces it drops. Also try to remove the check against use alternate
> ports. Port 80 is directed to squis cache as it is only capable of
> handling http traffic. Port 80 make it consider as it is a http request.
> I have to check at my organization after this weekend that if i m using
> alternate ports or not...

I've found this:

http://wiki.squid-cache.org/ConfigExamples/Chat#ConfigExamples.2BAC8-Chat.2BAC8-Skype.Skype_Access_Controls 

I want to try this possible solution:

- create a new user agent entry into "Useragents" menù of Access Policy 
called "Skype"
- create a new Access Policy where Source: Any and Destination: Any with 
Useragents: Skype can connect without autentication

So, any idea to create a new useragent entry?

Thanks, bye!

Il contenuto di questa comunicazione ha natura riservata ed è destinato esclusivamente alla persona o
ente cui essa è indirizzata. Qualsiasi forma di utilizzo non autorizzato del contenuto di questo
messaggio non è consentito. Se non siete il destinatario designato di questo messaggio e del suo
contenuto Vi preghiamo di comunicarlo immediatamente al mittente e di distruggere il messaggio ed i suoi
eventuali allegati.  
This comunication is confidential and intended for the addressee(s) only. Any form of unauthorized use of
the content of this e-mail is not permitted.If you are not the intended recipent of this message and its
contents, please notify the sender immediately and delete this message and all its attachments.  
------------------------------------------------------------------------------
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1
Farzan Qureshi | 9 Nov 20:59 2011
Picon

Re: Endian FW 2.4.1 & Skype

You can find useragent file under /var/efw/proxy but I don’t know how to
add user agent...
Sorry.

-----Original Message-----
From: Giovanni Vecchi [mailto:giovanni.vecchi@...]
Sent: Wednesday, 9 November 2011 9:54 p.m.
To: efw-user@...
Subject: Re: [Efw-user] Endian FW 2.4.1 & Skype

> Fortunately no :-) and it also never drops even for video calls which
> are upto an hour or two hours. It works just fine...
> Skype is a time critical app thus if it experience a small drop in
> connection due to bandwidth choking or back pressure at network
> interfaces it drops. Also try to remove the check against use
> alternate ports. Port 80 is directed to squis cache as it is only
> capable of handling http traffic. Port 80 make it consider as it is a
http request.
> I have to check at my organization after this weekend that if i m
> using alternate ports or not...

I've found this:
http://wiki.squid-cache.org/ConfigExamples/Chat#ConfigExamples.2BAC8-Chat.
2BAC8-Skype.Skype_Access_Controls

I want to try this possible solution:

- create a new user agent entry into "Useragents" menù of Access Policy
called "Skype"
- create a new Access Policy where Source: Any and Destination: Any with
Useragents: Skype can connect without autentication

So, any idea to create a new useragent entry?

Thanks, bye!

Il contenuto di questa comunicazione ha natura riservata ed è destinato
esclusivamente alla persona o ente cui essa è indirizzata. Qualsiasi forma
di utilizzo non autorizzato del contenuto di questo messaggio non è
consentito. Se non siete il destinatario designato di questo messaggio e
del suo contenuto Vi preghiamo di comunicarlo immediatamente al mittente e
di distruggere il messaggio ed i suoi eventuali allegati.
This comunication is confidential and intended for the addressee(s) only.
Any form of unauthorized use of the content of this e-mail is not
permitted.If you are not the intended recipent of this message and its
contents, please notify the sender immediately and delete this message and
all its attachments.
--------------------------------------------------------------------------
----
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1
_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user

------------------------------------------------------------------------------
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1
Giovanni Vecchi | 10 Nov 09:13 2011
Picon

Re: Endian FW 2.4.1 & Skype

> You can find useragent file under /var/efw/proxy but I don’t know how to
> add user agent...
> Sorry.

To create a new user agent, you have to add a new line into 
/usr/lib/efw/proxy/default/useragents

So, I've tried adding:

SKYPE,Skype,(skype)

After a squid reload, added a new Access Policy:

Unfiltered Access, ANY, ANY, not required, Always, SKYPE in first 
position, but it still doesn't works.

I think that the solution is to allow skype to not pass through Web 
Proxy and allow it to reach internet in port 443 from gateway/firewall: 
sniffing network with wireshark, I've seen that it doens't create HTTPS 
packets, it only create a SSL packets (see: 
http://www.cryptoheaven.com/Security/Presentation/SSL-protocol.htm); in 
this case user agent field is not defined, so the trick will fail.

These are my two cents.

Il contenuto di questa comunicazione ha natura riservata ed è destinato esclusivamente alla persona o
ente cui essa è indirizzata. Qualsiasi forma di utilizzo non autorizzato del contenuto di questo
messaggio non è consentito. Se non siete il destinatario designato di questo messaggio e del suo
contenuto Vi preghiamo di comunicarlo immediatamente al mittente e di distruggere il messaggio ed i suoi
eventuali allegati.  
This comunication is confidential and intended for the addressee(s) only. Any form of unauthorized use of
the content of this e-mail is not permitted.If you are not the intended recipent of this message and its
contents, please notify the sender immediately and delete this message and all its attachments.  
------------------------------------------------------------------------------
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1
Farzan Qureshi | 10 Nov 09:58 2011
Picon

Re: Endian FW 2.4.1 & Skype

Your described scenario is quite strange :-) i am running the same but i have no such issues with skype...even at my organization people use skype for hours but they never get signed out...i wondef wat i can suggest more :-(

On Nov 10, 2011 9:15 PM, "Giovanni Vecchi" <giovanni.vecchi-Vt427sO+ix0@public.gmane.org> wrote:
> You can find useragent file under /var/efw/proxy but I don’t know how to
> add user agent...
> Sorry.

To create a new user agent, you have to add a new line into
/usr/lib/efw/proxy/default/useragents

So, I've tried adding:

SKYPE,Skype,(skype)

After a squid reload, added a new Access Policy:

Unfiltered Access, ANY, ANY, not required, Always, SKYPE in first
position, but it still doesn't works.

I think that the solution is to allow skype to not pass through Web
Proxy and allow it to reach internet in port 443 from gateway/firewall:
sniffing network with wireshark, I've seen that it doens't create HTTPS
packets, it only create a SSL packets (see:
http://www.cryptoheaven.com/Security/Presentation/SSL-protocol.htm); in
this case user agent field is not defined, so the trick will fail.

These are my two cents.

Il contenuto di questa comunicazione ha natura riservata ed è destinato esclusivamente alla persona o ente cui essa è indirizzata. Qualsiasi forma di utilizzo non autorizzato del contenuto di questo messaggio non è consentito. Se non siete il destinatario designato di questo messaggio e del suo contenuto Vi preghiamo di comunicarlo immediatamente al mittente e di distruggere il messaggio ed i suoi eventuali allegati.
This comunication is confidential and intended for the addressee(s) only. Any form of unauthorized use of the content of this e-mail is not permitted.If you are not the intended recipent of this message and its contents, please notify the sender immediately and delete this message and all its attachments.
------------------------------------------------------------------------------
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1
_______________________________________________
Efw-user mailing list
Efw-user-5NWGOfrQmneRv+LV9MX5ug@public.gmane.orge.net
https://lists.sourceforge.net/lists/listinfo/efw-user
------------------------------------------------------------------------------
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1
_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user
Giovanni Vecchi | 10 Nov 11:08 2011
Picon

Re: Endian FW 2.4.1 & Skype


> Your described scenario is quite strange :-) i am running the same but i
> have no such issues with skype...even at my organization people use
> skype for hours but they never get signed out...i wondef wat i can
> suggest more :-(

My Web Proxy logs, filtered by one ip address of several workstations 
using skype, say (when logging into skype):

1 192.168.255.15 TCP_DENIED/407 3317 CONNECT 80.57.184.21:443 - NONE/- 
text/html

and several lines like this one, with only different Public IP.

 <at> Farzan Qureshi: Have you tried with new skype installation on a "clean" 
computer?

Il contenuto di questa comunicazione ha natura riservata ed è destinato esclusivamente alla persona o
ente cui essa è indirizzata. Qualsiasi forma di utilizzo non autorizzato del contenuto di questo
messaggio non è consentito. Se non siete il destinatario designato di questo messaggio e del suo
contenuto Vi preghiamo di comunicarlo immediatamente al mittente e di distruggere il messaggio ed i suoi
eventuali allegati.  
This comunication is confidential and intended for the addressee(s) only. Any form of unauthorized use of
the content of this e-mail is not permitted.If you are not the intended recipent of this message and its
contents, please notify the sender immediately and delete this message and all its attachments.  

------------------------------------------------------------------------------
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1

Gmane