Solved

Confguring SquidNT Server running on Windows 2000 and configuring Cisco Pix firewall

Posted on 2008-10-08
5
777 Views
Last Modified: 2008-10-24
FirewallHow do I configure my Squid and Cisco firewall so that I don't need to modify each of our client's browser settings.
0
Comment
Question by:grazal
  • 3
  • 2
5 Comments
 
LVL 77

Expert Comment

by:arnold
ID: 22671288
Depending on whether squidNT has wccp extensions.  You could configure the cisco device.
Another option is to define an ACL to route all port 80 requests to the squid system.

The options depend on your setup.
0
 

Author Comment

by:grazal
ID: 22679473
I'm so new to SquidNT.  I just downloaded it according to ACME instructions and installing it was straight-forward and didn't require a lot of steps to run it.  I configured one of my XP users' browser to use SquidNt as proxy and it works fine.  Now, I want to have more test users before I implement this new process.  We have about 300 Windows XP internet users (local and remote) in our network.  It would be a lot easier if I don't have to configure each ndividual browsers; but rather, need to tell Cisco PIX firewall to know that Squid is a web proxy server and allows traffic (something like that).  But I don't know how to configure PIX firewall nor Squid to make it happen.  Do you have someone who knows a lot about configuring the Cisco PIX firewall that maybe able to help us also (along with SquidNT for windows)?
0
 

Author Comment

by:grazal
ID: 22679556
Also, I don't know if SquidNT has wccp extensions.   Whoever made the SquidNT Stable 4 version, he made is simple enought to install (without going thru the  %make, %configure, wccp etc. options).  I think all of this options were integrated in the install procedure; maybe, that's why I didn't have a lot of trouble installing/configuring it (I think!).  So if there were wccp extensions, and such, I really don't know????
0
 
LVL 77

Accepted Solution

by:
arnold earned 500 total points
ID: 22684653
The problem is that if you squidnt is not wccp, the below references an ACL with a route map that might be suitable:
http://www.mombu.com/microsoft/isa-server-general/t-replace-squid-with-isa-in-cisco-access-list-1682549.html


Are these workstations members of an AD?  you can use group policy to set the browser proxy.  
Another option is to use the Local DNS server to advertise the proxy settings.
http://nscsysop.hypermart.net/setproxy.html
0
 

Author Comment

by:grazal
ID: 22691497
Hi Master Arnold,

Based on the information you gave me above and based on O'Reilly's Squid Definitive Guide, I think I can make it to work and solve my issue.  I just can't try it yet, because my Squid.conf are not complete yet, and because my ACL and http_access are not completely defined yet.  I still have some issues I had posted yesterday, but have not gotten any response yet regarding them.  

But I thank you for responding to my post.  I may be able to try the above solutions after next week  -- as soon as I get a good response to my other Squid issues..

Sincerely
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now