Solved

Confguring SquidNT Server running on Windows 2000 and configuring Cisco Pix firewall

Posted on 2008-10-08
5
783 Views
Last Modified: 2008-10-24
FirewallHow do I configure my Squid and Cisco firewall so that I don't need to modify each of our client's browser settings.
0
Comment
Question by:grazal
  • 3
  • 2
5 Comments
 
LVL 77

Expert Comment

by:arnold
ID: 22671288
Depending on whether squidNT has wccp extensions.  You could configure the cisco device.
Another option is to define an ACL to route all port 80 requests to the squid system.

The options depend on your setup.
0
 

Author Comment

by:grazal
ID: 22679473
I'm so new to SquidNT.  I just downloaded it according to ACME instructions and installing it was straight-forward and didn't require a lot of steps to run it.  I configured one of my XP users' browser to use SquidNt as proxy and it works fine.  Now, I want to have more test users before I implement this new process.  We have about 300 Windows XP internet users (local and remote) in our network.  It would be a lot easier if I don't have to configure each ndividual browsers; but rather, need to tell Cisco PIX firewall to know that Squid is a web proxy server and allows traffic (something like that).  But I don't know how to configure PIX firewall nor Squid to make it happen.  Do you have someone who knows a lot about configuring the Cisco PIX firewall that maybe able to help us also (along with SquidNT for windows)?
0
 

Author Comment

by:grazal
ID: 22679556
Also, I don't know if SquidNT has wccp extensions.   Whoever made the SquidNT Stable 4 version, he made is simple enought to install (without going thru the  %make, %configure, wccp etc. options).  I think all of this options were integrated in the install procedure; maybe, that's why I didn't have a lot of trouble installing/configuring it (I think!).  So if there were wccp extensions, and such, I really don't know????
0
 
LVL 77

Accepted Solution

by:
arnold earned 500 total points
ID: 22684653
The problem is that if you squidnt is not wccp, the below references an ACL with a route map that might be suitable:
http://www.mombu.com/microsoft/isa-server-general/t-replace-squid-with-isa-in-cisco-access-list-1682549.html


Are these workstations members of an AD?  you can use group policy to set the browser proxy.  
Another option is to use the Local DNS server to advertise the proxy settings.
http://nscsysop.hypermart.net/setproxy.html
0
 

Author Comment

by:grazal
ID: 22691497
Hi Master Arnold,

Based on the information you gave me above and based on O'Reilly's Squid Definitive Guide, I think I can make it to work and solve my issue.  I just can't try it yet, because my Squid.conf are not complete yet, and because my ACL and http_access are not completely defined yet.  I still have some issues I had posted yesterday, but have not gotten any response yet regarding them.  

But I thank you for responding to my post.  I may be able to try the above solutions after next week  -- as soon as I get a good response to my other Squid issues..

Sincerely
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I will show you HOW TO: Install VMware Tools for Windows on a VMware Windows virtual machine on a VMware vSphere Hypervisor 6.5 (ESXi 6.5) Host Server, using the VMware Host Client. The virtual machine has Windows Server 2016 instal…
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question