Link to home
Start Free TrialLog in
Avatar of Shannon Adams
Shannon Adams

asked on

"Broadcasting" a proxy address from Red Hat 8 Server

We have web filter software running on a Red Hat 8 server.  For the filtering to work, we have to go into IE and Firefox on each machine and change the settings to use a proxy server address.  However, if the user knows how to change it back to "auto", they bypass the filter.  What I want to do is have all users go through the filter then turn off Internet access unless they go through the proxy first.  Is there a way to "broadcast" the proxy address and port from the Linux server without having to go to each person's machine?  Currently, we are going to each machine and specifiying the proxy and port in LAN settings.  It seems like this would not allow them to surf outside of our network.  I.e., if they took their laptop home.  Plus, it is time consuming to go to each machine and change these settings.
Avatar of Arty K
Arty K
Flag of Kazakhstan image

There is a way to setup 'auto' proxy address.

For doing that, you need:
- DHCP server (optional)
- all machines configured as having same domain suffix (this can be done via DHCP)
- DNS server (it should be owner of master zone of your domain, it may be local domain suffix)
- Apache server
- basic knowledge of JavaScript.

It's a good starting point: http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol

Common steps are:
1) Configure your DNS, add 'wpad' host entry, pointing to your apache
2) Configure your apache WEB server, add wpad.yourdomain.com virtual host
3) Create javascript file wpad.dat and place it to the root directory of wpad.yourdomain.com. Your proxy address will be there.
4) Configure apache to provide content-type 'application/x-ns-proxy-autoconfig' for file wpad.dat



ASKER CERTIFIED SOLUTION
Avatar of Gabriel Orozco
Gabriel Orozco
Flag of Mexico image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
one more thing...

upgrade your system!!! RedHat 8 is out of support, and being a rpm based distro, it's more dificult to maintain that boxes secure.

Regards
Avatar of ranadastidar
ranadastidar

one simple xp based solution i can tell u, just go to run under xp and type mmc it ll open one window then go to file and click on Add/RemoveSnap in, then add Grouppolicy. then choose
user configuration and then windows components and then click on internet disable connection tab as well as select proxy option in this way user wont be able to change the proxy setting.