Solved

Only Allow Access to an HTTPS webpage via Squid Proxy

Posted on 2014-01-08
7
350 Views
Last Modified: 2016-06-02
Hello,
     I am trying to setup a Squid proxy that will only allow access to google drive. Basically, I have a computer that is on a manufacturing floor so that employees can update a shared production log hosted in google drive. I have installed Squid on a CentOS VM and have it up and running, but I'm a bit confused as to what rules to enable to allow only access to Google Drive, since it's encrypted via HTTPS. Thanks for any help!
0
Comment
Question by:indigo6
7 Comments
 
LVL 20

Expert Comment

by:edster9999
ID: 39766204
You ban all sites then add an acl rule that allows the site(s) you want.
Only problem... with google drive it is not a single URL (or web address).

As well as drive.google.com
it will do things with acounts.google.com
and www.google.com too

SO if you allow all these people will be able to use google and maybe other services like gmail (maybe)
0
 
LVL 15

Expert Comment

by:Giovanni Heward
ID: 39766206
Have a look at SSL Bump.
0
 
LVL 20

Accepted Solution

by:
edster9999 earned 500 total points
ID: 39766213
acl ALLOWED dst domain google.com
http_access allow ALLOWED
http_access deny all
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 

Author Comment

by:indigo6
ID: 39766219
edster9999, I was planning on allowing the entire google.com domain, just like you posted. I'll try sslbump as well.
0
 

Author Comment

by:indigo6
ID: 39777408
Ok, when I try to enable SSL bump, it says it can't find a certificate. How can I set up SSL bump?
0
 

Expert Comment

by:Ganesh Waghmode
ID: 40595485
@indigo6: Did you able to setup a squid proxy with SSL bump? If yes, Kindly share how you did it? This is my question. Kindly look into it if you can help.
0

Featured Post

Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Use packet tracer to verify anyconnect VPN 11 56
SSL/TLS - openssl troubleshooting 3 39
BGP recommended setup with failover 2 44
VTP servers with 3650 switches 5 24
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
This Micro Tutorial will demonstrate importing calendar invites from events such as webinars into your Google Calendar.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question