Solved

Free Proxy Server

Posted on 2009-07-11
7
359 Views
Last Modified: 2013-11-16
Hello Experts,
i'm going to close a MS ISA 2004 proxy server due to high license costs. Due to this business choice I have to find a valid substitute but freeware/GNU.

the aim is using this proxy as CACHE server for a big site (400 users). Only authenticated users can use the proxy. Windows 2003 Active Directory authentication based on AD group(s).

I have 10 years skills on most of the microsoft products but very poor in Linux/Unix OS.
I could use VMWare technology (ESX 3.5 vi3) with vitual appliance.

have you any suggestions how to approch this translaction? what about SQUID? i tried it 1 year ago but i had a lot of problems with AD authentications.

thanks in advance
Andrea.
0
Comment
Question by:ITDataCenter
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 40

Expert Comment

by:mrjoltcola
ID: 24831241
Squid is certainly the most popular, by far. Thats what I would recommend, since it has the largest userbase and knowledgebase.

Have you see this article regarding Squid + AD?

http://www.papercut.com/kb/Main/ConfiguringSquidProxyToAuthenticateWithActiveDirectory

Google squid + ldap authentication to get some more articles

If you've already a working AD, then you should be able to work the squid config in on the side and fully test it with AD prior to ever doing any permanent changes to the main proxy.
0
 
LVL 1

Author Comment

by:ITDataCenter
ID: 24833642
Wow! that's a great article, thanks so much! I'll have a try building a VM with Ubuntu+squid.

Yesterday I played with the latest IpCop appliance that looks very easy to manage and install. I succeeded having AD working with ipacop but i don't like the NTLM authentication mode which asks every time the user credentials. i'd like have the users enabled authenticated with kerberos without crendetials requests at any time they open the browser.

Do you know if exist a very easy step by step setup of squid in any linux box? i have very basic linux skills.. i'm a little bit lost on the OS/software setup on this environment. thanks!
0
 
LVL 14

Expert Comment

by:Monis Monther
ID: 24834179
An alternative solutoin for having the users enter logon information is to use firefox instead of IE.

You can also use squidguard with squid to do category based filtering much like websence and bluecoat does (Not that powerfull DB ofcourse but also not much less for a free product)

If you are stuck with any squidish stuff just post it here
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:ITDataCenter
ID: 24846812
Hi guys,
even if forefox is much better than IE, I have bloody corporate rules that force me using it.
at the top of all company divisions we have a websence filtering but at the site level we do not have any cache (MS ISA2004 to be dismissed). After hours of googling I found this nice article
http://www.thedailyadmin.com/2009/04/how-to-install-virtual-machine-with.html
I'll mix the papercut solution provide by you and I'll probably end this in to a realable cache proxy server based on linux OS. i'll keep you posted! ciao
0
 
LVL 1

Author Comment

by:ITDataCenter
ID: 24867695
hi!i
i have just installed the squid+dansguardian.
how can i temporarely route the www traffic made by this new squid box to another proxy? in this staging I do not have corporate firewall ports open for the new squid server so I would first have a proxy chaning than move it as normal (if works ;))

staging:
new squid > proxy > firewall > internet
future:
new squid > firewall > internet


thanks
ciao
0
 
LVL 40

Expert Comment

by:mrjoltcola
ID: 24871434
You'll get better help if you phrase a new question with that specific intent in mind. I do not work hands-on with squid or any other proxy server in the last 7 years or more. My experience is quite dated. I knew enough to recommend squid but not hands-on to config.
0
 
LVL 1

Accepted Solution

by:
ITDataCenter earned 0 total points
ID: 24913963
hi,
i'm lost, i used papercut guidine but i'm not able to authenticate agaist active directory domain
http://www.papercut.com/kb/Main/ConfiguringSquidProxyToAuthenticateWithActiveDirectory

I used microsoft ldp to test the ldap bind and group CN path and all is okay.
when i open the browser i get the user name/password request. even if the user and password is typed manually the popup back again, no way to go further.
I don't understand what is wrong, pleasee help!!

0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Is Windows Defender in W10 sufficient protection? 5 67
Redhat upgrade 1 48
Is Fedora an appropriate distro for the environment. 7 91
Advice on ESXi 5.1 Health / Storage 1 45
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question