Solved

Setting up a Proxy server in a windows server 2008 R2 environment

Posted on 2014-02-03
20
17,578 Views
Last Modified: 2014-03-27
I need to install and setup a proxy server in our windows environment can anyone direct me to the details in doing so using Microsoft server 2008 R2?
0
Comment
Question by:mogurek
  • 11
  • 9
20 Comments
 
LVL 78

Expert Comment

by:arnold
ID: 39831565
Can you provide detail on what your setup?

Are you looking at setting up squid running on Linux or must it be a windows OS based system?

Are you looking at ISA? Is your windows 2008 server setup as a router (two nics one from the WAN and the other feeds the LAN)?
0
 

Author Comment

by:mogurek
ID: 39832494
Thanks for responding. I would like it to remain as a windows OS (windows 2008 R2 server) and I don't know what the best software solution would be.  I can look into ISA (could you provide any input?).  the server is not setup as a router I have a separate device for that.  What i'm looking for is a proxy to cache websites to make the internet faster.
0
 

Author Comment

by:mogurek
ID: 39832608
Sorry in advance for the imprudent question.  Is Microsoft ISA server imbedded in the Windows 2008 R2 OS or do you need to buy it separately? If so, any idea on cost and where to get it?  We are a non-profit 501(c)(3) health care facility.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 78

Expert Comment

by:arnold
ID: 39835378
ISA/FOREFRONT is an add-on.

To setup proxy you have two options transparent proxy (you will configure your router to redirect all port 80 requests except from the proxy to the proxy server/port), you will have to use GPO/GPP to push proxy settings to every user or use the automatic proxy configuration option to publish the proxy information.

Have you setup WSUS already?  This will lower your bandwidth for windows updates while allowing you to manage the timing/installation of updates.

look into squid a quick search for squid windows 2008.

"Proxy" is too general and broad.  You need to define what you want to achieve and what options are available to you.

There are web filter appliances such as baracuda.
0
 

Author Comment

by:mogurek
ID: 39839855
All I really want to do is setup a cache proxy to speed up the internet for our users. I have a firewall and routers already in place.
0
 
LVL 78

Expert Comment

by:arnold
ID: 39842190
I understand that.  look at squid as an option to try (open source)
http://www.squid-cache.org/

Download the exe/msi from http://wiki.squid-cache.org/SquidFaq/BinaryPackages
install it on a server configure it.  Then test its functionality by pointing the browser's proxy settings to it.

note that if the system only has one network card requests to it from the LAN systems and requests from the proxy server out to the internet will travel over the same wire.
0
 

Author Comment

by:mogurek
ID: 39842255
Multiple nics has always confused me, if I have 2 nics in a server what is the best way to configure them to maximize throughput on the network?  example, terminal server with 2 nics and a proxy server with 2 nics, how would you set that up?  thanks in advance for all your help!
0
 
LVL 78

Expert Comment

by:arnold
ID: 39842279
You can set them up as a LAG (LINK AGGREGATION GROUP) tie the ports on the switch to appear as a single link ("double" the bandwidth/speed as well as provide tolerance for single nic failure)

Other options with two nics deal with having the windows server function as a router.
one nic is facing /providing connection to the LAN while the other is facing out to the internet (directly or behind a router).
Using ISA this system often must be in the middle of all traffic
              WAN                                                  LAN
internet <=> ISA server  (works as a firewall) <=> LAN

Another option, is to define two IPs on the same network.
NIC1 outgoing and this is the one where the default gateway will be defined. IP1/DG
NIC2 is the IP to which the clients will send their requests IP2 no DG.
0
 

Author Comment

by:mogurek
ID: 39842297
so your last option would be something like nic 1: IP:172.34.1.10 subnet: 255.255.0.0 G/W: 172.34.1.1 and nic 2: 172.34.1.11 subnet: 255.255.0.0 G/W: leave blank?  how do you define outgoing?  is it simply implied by putting in a G/W?
0
 
LVL 78

Expert Comment

by:arnold
ID: 39842363
yes.
looking at the routing table
route print
or
netstat -rn

you will see the

0.0.0.0 0.0.0.0 172.34.1.1 172.34.1.10 10(metric the lower the number the higher the preference).
0
 

Author Comment

by:mogurek
ID: 39842412
thank you, I will download squid and give it a try.
0
 

Author Comment

by:mogurek
ID: 39842438
I don't see a version for windows 2008?  do you just use squid 3 for windows?
0
 
LVL 78

Expert Comment

by:arnold
ID: 39843479
Yes. windows version should run.  If you have an extra older workstation that is not in use, you may want to take a second track to setup linux with squid. There are many guides, centos, ubuntu server.
0
 

Author Comment

by:mogurek
ID: 39847369
I'll be installing it this week and will keep tis post updated, thanks again for all of your help!  I will close it out by the end of the week.
0
 
LVL 78

Expert Comment

by:arnold
ID: 39847425
Take your time.  Any possibility of using an older workstation or a VM with Linux based OS??
0
 

Author Comment

by:mogurek
ID: 39847449
I am not familiar with Linux at all, how is the install of both Linux and squid to a "rooky" Linux guy?  I can find a workstation.
0
 
LVL 78

Expert Comment

by:arnold
ID: 39847541
install is an install.  The variance is the terms used. You run a Graphical Install. Centos or Ubuntu Server are fairly straight forward. During the install, it asks you what the purpose of the system is which is where you can select the option for proxy server, etc.
Then incorporating content filtering (dansguardian or squidguard) one can find a step by step guide online.
Initially, let the install partition the disk.

Using a VM (VMWARE workstation, VIRTUALBOX) might be the simplest foray.

a while back used a single NIC pIII 300 dell system as a proxy server running centos 5 without any issues by the users. Though, it was setup for content access restriction rather than accelaration.

These days, accelaration might be difficult to achieve as many sites are dynamic such that many images on the page are the results of scripts and add banner rotators.
0
 

Author Comment

by:mogurek
ID: 39847560
do you have a link for Centos or Ubuntu?
0
 
LVL 78

Accepted Solution

by:
arnold earned 500 total points
ID: 39847678
www.centos.org

http://www.ubuntu.com/server


ubuntu usually remains graphical, while centos if graphical packages are not installed will function as a terminal.
Since you are learning, you should install the graphical components. As your familiarity/knowledge increases, in a few weeks, you can disable the graphical portions.

Xming for windows is an X-windowing system that can be used with putty or other SSH clients to send a graphical window from the server back to your desktop.  Enabling you to remotely manage/administer the system without having to sit in front of it.


There are tools to simplify administration such as webmin, etc.

Guess, I should let you tip your toe into the pool before adding ......
0
 

Author Comment

by:mogurek
ID: 39847686
Again, thank you.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
2007 SCCM 5 57
Missing VM after storage failure 7 1,017
SharePoint 2013 and Office Web Apps Firefox Trust Issue when Opening Documents 2 110
DFS installation question 2 97
This is a fairly complicated script that will install the required prerequisites to install SCCM 2012 R2 on a server.  It was designed under the functional model in order to compartmentalize each step required, reducing the overall complexity.  The …
Experts-Exchange users below are the steps you can follow to upgrade your Lync server to latest CU's or cumulative updates. Note: Perform it during non-production hours.   Step 1: Backup your lync and SQL server database. Follow below article: h…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question