Https sites getting very slow

Sorry for the late answer.
Could you post the part of /var/log/squid/access.log when a slow https site appears?

access.log getting too long to open.i already attach message.log for previous post.

Are you trying to open it with notepad? You have a log viewer in web UI.

Is Nethserver your DHCP server? Which DNS servers do your clients use?

We try to open log viewer in web UI but its getting loading.

Yes, Nethserver as DHCP Server, enable DHCP in Green zone (local LAN) and we use one of our ISP provider DNS server and our domain controller as another DNS Server.

It seems like you are not using proxy authentication mode. Usually you should see the usernames in the access log.
Another point is that you have one internal and one external DNS for your clients. This means that they may give back different results. Your internal DNS knows your domain, the external doesn’t. You may try to use just the internal DNS of your domain controller.

There is a username in access.log, you can recheck again, once we enter our system the login credentials take it as proxy authentication. because we joined into domain controller.

You are right, users are recognized. I’ll try to reproduce your scenario…give me some time…

OK , Thanks for your immediate response. Its a major issue for our side. So kindly provide the solution.

having the exact same problem and i thought that there’s a problem i got only myself. thanks for asking this veeramani. needless to mention i very much appreciate all the answers here.

After fully updating and rebooting zentyal 4.2 it just works. I assume it works with newer zentyal 5.1 too. I tested with Windows 7/10 clients, domain-joined/unjoined and several browsers.

My config:

NethServer Gateway - zentyal dc,dns - NethServer proxy, dns - Clients

I use same DNS domain (testdomain.local) on Nethserver Proxy (testserver.testdomain.local) and zentyal dc (zentyal.testdomain.local) The AD is testdomain.local.
NethServer Proxy uses zentyal as DNS.
At proxy auth I put “testuser@testdomain.local”.


Please check your /var/log/squid/cache.log.
Maybe there’s a slow network connection between NethServer and zentyal dc so the auth takes longer and makes https slow.
You may also test if your DNS servers are working correctly and responding fast with dig host @dnsserver like dig @

1 Like

having the exact same setup in our proxy. whenever i type google in browser its shows waiting for cache

we configure cache like this

our clients are using windows server 2012 and ubuntu machines.

we found a errors in cache log,

I had the same errors before fully updating zentyal 4.2. You may try to empty the cache. You have high Disk cache size, default is 100, default max object size is 4096, I just used the default settings.

So what we do now. we need to change the cache disk size or update zentyal

Changing disk cache is faster so you may just try it.
But when I tried yesterday, the zentyal update and a reboot solved the “Negotiate Authentication errors”

OK, Some times its working good and some times its getting very slow and " there is no internet connection" error occur, we need to refresh several times.

Once we update zentyal and check how its work. If i change disk cache means what values we use for min and max ( maybe we use 2-4 GB or what-else, we have 30 users )

I’d keep the cache with default values and change it if something doesn’t work.


I need to configure Remote LDAP in nethserver account provider. I think Remote ldap and joining domain are the same fields mention in the account provider. I need to specify only remote ldap for authentication.

Hi Team,

We update Nethserver and Zentyal (DC) as current version, every thing will be upto date, But i m getting internet slow connection. we check access.log in squid its getting

TCP_DENIED/407 4224 CONNECT - HIER_NONE/- text/html

The slow internet issue not resolved. kindly help me.

I found another thread about squid, maybe it helps: