Internet Proxy - RH9


I currently have a Win2k Srv system with a Cisco Pix Firewall which takes us out onto the internet, the server has Wingate 5 acting as a Internet Proxy server for 70 Windows 98/XP onsite computers.

This software works fine, but we plan to move our internet proxy onto a RedHat9 server, i am after some help on finding a internet proxy software that has the following features:

- The software must allow me to run a proxy with the PIX firewall being the gateway
- Have the ability to ban websites
- Also have the ability to restrict users connecting to full internet access by any means (ipaddress, username...)

Regards

cmspbakeAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

wesly_chenCommented:
Hi,

    I played with squid before,
http://www.squid-cache.org/
---------
Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process.

Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests.

Squid supports SSL, extensive access controls, and full request logging. By using the lightweight Internet Cache Protocol, Squid caches can be arranged in a hierarchy or mesh for additional bandwidth savings.
------------

Regards,

Wesly
0
wesbirdCommented:
http://www.squid-cache.org/

Squid permits connection through a firewall and allows serveral schemes for authenticion, including user level basis.  It also can work with ban-lists for inappropriate sites.

Hope this helps
0
wesbirdCommented:
another wes got there first
0
Cloud Class® Course: CompTIA Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

cmspbakeAuthor Commented:
Hi there

I have tried squid but that is a proxy cache, which is nothing like Wingate

I may be wrong but I dont think it has all of the features I require, from what I have read this program just cachhes files.

If you can provide me with a rough config guide I would be grateful and I would be happy to increase the points.

Regards



0
wesly_chenCommented:
Hi,

How to configure squid proxy:
http://squid.visolve.com/squid24s1/contents.htm

> have the ability to restrict users connecting to full internet access by any means
http://squid.visolve.com/squid24s1/access_controls.htm

Wesly
0
cmspbakeAuthor Commented:
Hi there,

I have checked and it is possible to restrict the users, thanks!

But from reading the manuals I cant see any functions/calls that will allow me to set a gateway i.e. Cisco Pix

At present all my pc's point to a proxy server of x.x.x.226
The proxy server then uses the gateway (pix) x.x.x.237
The PIX then uses our 256k digital internet line
Then for a connection coming back in all traffic on port 80 gets forwarded to the proxy x.x.x.226

0
wesbirdCommented:
Surely the .237 is just the default gateway address for eth0 on the squid box in this setup if it has only one NIC.

I hope the users are not able to change their own proxy/network settings.  


0
wesly_chenCommented:
Hi,

> from reading the manuals I cant see any functions/calls that will allow me to set a gateway i.e. Cisco Pix
Default gateway can be set by "route add default gw x.x.x.237". You don't need to set gateway in squid.

> The PIX then uses our 256k digital internet line
> Then for a connection coming back in all traffic on port 80 gets forwarded to the proxy x.x.x.226
PIX forward all the http traffic to your proxy server.
> At present all my pc's point to a proxy server of x.x.x.226
And your PCs set the proxy server to x.x.x.226.

Those look ok to me.

Regards,
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
wesbirdCommented:
You may want to check this out to add to your squid configuration: http://www.squidguard.org/ - It's a content filter.

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.