• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 309
  • Last Modified:

Internet Proxy - RH9


I currently have a Win2k Srv system with a Cisco Pix Firewall which takes us out onto the internet, the server has Wingate 5 acting as a Internet Proxy server for 70 Windows 98/XP onsite computers.

This software works fine, but we plan to move our internet proxy onto a RedHat9 server, i am after some help on finding a internet proxy software that has the following features:

- The software must allow me to run a proxy with the PIX firewall being the gateway
- Have the ability to ban websites
- Also have the ability to restrict users connecting to full internet access by any means (ipaddress, username...)

Regards

0
cmspbake
Asked:
cmspbake
  • 4
  • 3
  • 2
1 Solution
 
wesly_chenCommented:
Hi,

    I played with squid before,
http://www.squid-cache.org/
---------
Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process.

Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests.

Squid supports SSL, extensive access controls, and full request logging. By using the lightweight Internet Cache Protocol, Squid caches can be arranged in a hierarchy or mesh for additional bandwidth savings.
------------

Regards,

Wesly
0
 
wesbirdCommented:
http://www.squid-cache.org/

Squid permits connection through a firewall and allows serveral schemes for authenticion, including user level basis.  It also can work with ban-lists for inappropriate sites.

Hope this helps
0
 
wesbirdCommented:
another wes got there first
0
Microsoft Certification Exam 74-409

VeeamĀ® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
cmspbakeAuthor Commented:
Hi there

I have tried squid but that is a proxy cache, which is nothing like Wingate

I may be wrong but I dont think it has all of the features I require, from what I have read this program just cachhes files.

If you can provide me with a rough config guide I would be grateful and I would be happy to increase the points.

Regards



0
 
wesly_chenCommented:
Hi,

How to configure squid proxy:
http://squid.visolve.com/squid24s1/contents.htm

> have the ability to restrict users connecting to full internet access by any means
http://squid.visolve.com/squid24s1/access_controls.htm

Wesly
0
 
cmspbakeAuthor Commented:
Hi there,

I have checked and it is possible to restrict the users, thanks!

But from reading the manuals I cant see any functions/calls that will allow me to set a gateway i.e. Cisco Pix

At present all my pc's point to a proxy server of x.x.x.226
The proxy server then uses the gateway (pix) x.x.x.237
The PIX then uses our 256k digital internet line
Then for a connection coming back in all traffic on port 80 gets forwarded to the proxy x.x.x.226

0
 
wesbirdCommented:
Surely the .237 is just the default gateway address for eth0 on the squid box in this setup if it has only one NIC.

I hope the users are not able to change their own proxy/network settings.  


0
 
wesly_chenCommented:
Hi,

> from reading the manuals I cant see any functions/calls that will allow me to set a gateway i.e. Cisco Pix
Default gateway can be set by "route add default gw x.x.x.237". You don't need to set gateway in squid.

> The PIX then uses our 256k digital internet line
> Then for a connection coming back in all traffic on port 80 gets forwarded to the proxy x.x.x.226
PIX forward all the http traffic to your proxy server.
> At present all my pc's point to a proxy server of x.x.x.226
And your PCs set the proxy server to x.x.x.226.

Those look ok to me.

Regards,
0
 
wesbirdCommented:
You may want to check this out to add to your squid configuration: http://www.squidguard.org/ - It's a content filter.

0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now