Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Squid cache server behind a Watchguard appliance

Posted on 2011-09-21
5
2,368 Views
Last Modified: 2013-11-23
Hi,
I have a Watchguard XTM-520 box and I'm trying to configure it to use a Squid linux as an external cache server, since watchguard does not do caching.

If I point my browser directly to the squid server
(which is behind the firewall) I'm able to browse ok.
The firebox has a setting for the http proxy that
allows you to point all outgoing http requests to a
proxy caching server (Use Webcache Server). If I plug the squid IP address
in here, browsing stops working. The browsers hang
for a while at the site contacted, waiting for reply.
Finally the request times out.

Can anyone please help me to find out why this config is not working?

Thanks,
0
Comment
Question by:A-MONTERO
5 Comments
 
LVL 4

Accepted Solution

by:
Felicia King earned 500 total points
ID: 36577799
I'm a WatchGuard certified partner. I think you need to ask the WatchGuard support experts this question. The problem may be an incompability in the redirection.
0
 
LVL 5

Expert Comment

by:hvillanu
ID: 36583876
Hi,
If I understand correctly you have some net-design like this:

PC - Watchguard - Squid - RouterInternet

The trouble could be routing-traffic from squid-box to wathguard what OS you use for Squid?

-regards-
0
 

Author Comment

by:A-MONTERO
ID: 36583896
OS for Squid is Ubuntu Linux 9.10
0
 
LVL 5

Expert Comment

by:hvillanu
ID: 36711503
Hi,
Asumming you Network Topology is like a ask before...

You need to be shure that can reach your networks by running traceroute from your linux box to your inside LAN and to internet.
Then perhaps validate a fix iptables o rounting rules on your linux, at least check squid config ACL.
Also check the logs to see whats goin on.

-regards
0
 
LVL 1

Expert Comment

by:marcoseguracr
ID: 39672082
This is not the right solution, in general, Watchguard HTTP-PROXY only can handle WEB-CACHE SERVER only when the rule is HTTP-PROXY rule and not part of TCP-UDP-PROXY rule. The most important is that your squid need full access (preferred in different VLAN, without direct access at your local LAN). with this you will warranty that will work great.

You can use THUNDER CACHE or RAPTOR CACHE that include really good combination of cache-proxy that help to speed up your network with new WEB 2.0 technologies (facebook, youtube, googlevideo, etc...)
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Data breaches are on the rise, and companies are preparing by boosting their cybersecurity budgets. According to the Cybersecurity Market Report (http://www.cybersecurityventures.com/cybersecurity-market-report), worldwide spending on cybersecurity …
Most MSPs worth their salt are already offering cybersecurity to their customers. But cybersecurity as a service is wide encompassing and can mean many things.  So where are MSPs falling in this spectrum?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question