Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Setting up a Proxy server in a windows server 2008 R2 environment

Posted on 2014-02-03
20
17,376 Views
Last Modified: 2014-03-27
I need to install and setup a proxy server in our windows environment can anyone direct me to the details in doing so using Microsoft server 2008 R2?
0
Comment
Question by:mogurek
  • 11
  • 9
20 Comments
 
LVL 77

Expert Comment

by:arnold
ID: 39831565
Can you provide detail on what your setup?

Are you looking at setting up squid running on Linux or must it be a windows OS based system?

Are you looking at ISA? Is your windows 2008 server setup as a router (two nics one from the WAN and the other feeds the LAN)?
0
 

Author Comment

by:mogurek
ID: 39832494
Thanks for responding. I would like it to remain as a windows OS (windows 2008 R2 server) and I don't know what the best software solution would be.  I can look into ISA (could you provide any input?).  the server is not setup as a router I have a separate device for that.  What i'm looking for is a proxy to cache websites to make the internet faster.
0
 

Author Comment

by:mogurek
ID: 39832608
Sorry in advance for the imprudent question.  Is Microsoft ISA server imbedded in the Windows 2008 R2 OS or do you need to buy it separately? If so, any idea on cost and where to get it?  We are a non-profit 501(c)(3) health care facility.
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 77

Expert Comment

by:arnold
ID: 39835378
ISA/FOREFRONT is an add-on.

To setup proxy you have two options transparent proxy (you will configure your router to redirect all port 80 requests except from the proxy to the proxy server/port), you will have to use GPO/GPP to push proxy settings to every user or use the automatic proxy configuration option to publish the proxy information.

Have you setup WSUS already?  This will lower your bandwidth for windows updates while allowing you to manage the timing/installation of updates.

look into squid a quick search for squid windows 2008.

"Proxy" is too general and broad.  You need to define what you want to achieve and what options are available to you.

There are web filter appliances such as baracuda.
0
 

Author Comment

by:mogurek
ID: 39839855
All I really want to do is setup a cache proxy to speed up the internet for our users. I have a firewall and routers already in place.
0
 
LVL 77

Expert Comment

by:arnold
ID: 39842190
I understand that.  look at squid as an option to try (open source)
http://www.squid-cache.org/

Download the exe/msi from http://wiki.squid-cache.org/SquidFaq/BinaryPackages
install it on a server configure it.  Then test its functionality by pointing the browser's proxy settings to it.

note that if the system only has one network card requests to it from the LAN systems and requests from the proxy server out to the internet will travel over the same wire.
0
 

Author Comment

by:mogurek
ID: 39842255
Multiple nics has always confused me, if I have 2 nics in a server what is the best way to configure them to maximize throughput on the network?  example, terminal server with 2 nics and a proxy server with 2 nics, how would you set that up?  thanks in advance for all your help!
0
 
LVL 77

Expert Comment

by:arnold
ID: 39842279
You can set them up as a LAG (LINK AGGREGATION GROUP) tie the ports on the switch to appear as a single link ("double" the bandwidth/speed as well as provide tolerance for single nic failure)

Other options with two nics deal with having the windows server function as a router.
one nic is facing /providing connection to the LAN while the other is facing out to the internet (directly or behind a router).
Using ISA this system often must be in the middle of all traffic
              WAN                                                  LAN
internet <=> ISA server  (works as a firewall) <=> LAN

Another option, is to define two IPs on the same network.
NIC1 outgoing and this is the one where the default gateway will be defined. IP1/DG
NIC2 is the IP to which the clients will send their requests IP2 no DG.
0
 

Author Comment

by:mogurek
ID: 39842297
so your last option would be something like nic 1: IP:172.34.1.10 subnet: 255.255.0.0 G/W: 172.34.1.1 and nic 2: 172.34.1.11 subnet: 255.255.0.0 G/W: leave blank?  how do you define outgoing?  is it simply implied by putting in a G/W?
0
 
LVL 77

Expert Comment

by:arnold
ID: 39842363
yes.
looking at the routing table
route print
or
netstat -rn

you will see the

0.0.0.0 0.0.0.0 172.34.1.1 172.34.1.10 10(metric the lower the number the higher the preference).
0
 

Author Comment

by:mogurek
ID: 39842412
thank you, I will download squid and give it a try.
0
 

Author Comment

by:mogurek
ID: 39842438
I don't see a version for windows 2008?  do you just use squid 3 for windows?
0
 
LVL 77

Expert Comment

by:arnold
ID: 39843479
Yes. windows version should run.  If you have an extra older workstation that is not in use, you may want to take a second track to setup linux with squid. There are many guides, centos, ubuntu server.
0
 

Author Comment

by:mogurek
ID: 39847369
I'll be installing it this week and will keep tis post updated, thanks again for all of your help!  I will close it out by the end of the week.
0
 
LVL 77

Expert Comment

by:arnold
ID: 39847425
Take your time.  Any possibility of using an older workstation or a VM with Linux based OS??
0
 

Author Comment

by:mogurek
ID: 39847449
I am not familiar with Linux at all, how is the install of both Linux and squid to a "rooky" Linux guy?  I can find a workstation.
0
 
LVL 77

Expert Comment

by:arnold
ID: 39847541
install is an install.  The variance is the terms used. You run a Graphical Install. Centos or Ubuntu Server are fairly straight forward. During the install, it asks you what the purpose of the system is which is where you can select the option for proxy server, etc.
Then incorporating content filtering (dansguardian or squidguard) one can find a step by step guide online.
Initially, let the install partition the disk.

Using a VM (VMWARE workstation, VIRTUALBOX) might be the simplest foray.

a while back used a single NIC pIII 300 dell system as a proxy server running centos 5 without any issues by the users. Though, it was setup for content access restriction rather than accelaration.

These days, accelaration might be difficult to achieve as many sites are dynamic such that many images on the page are the results of scripts and add banner rotators.
0
 

Author Comment

by:mogurek
ID: 39847560
do you have a link for Centos or Ubuntu?
0
 
LVL 77

Accepted Solution

by:
arnold earned 500 total points
ID: 39847678
www.centos.org

http://www.ubuntu.com/server


ubuntu usually remains graphical, while centos if graphical packages are not installed will function as a terminal.
Since you are learning, you should install the graphical components. As your familiarity/knowledge increases, in a few weeks, you can disable the graphical portions.

Xming for windows is an X-windowing system that can be used with putty or other SSH clients to send a graphical window from the server back to your desktop.  Enabling you to remotely manage/administer the system without having to sit in front of it.


There are tools to simplify administration such as webmin, etc.

Guess, I should let you tip your toe into the pool before adding ......
0
 

Author Comment

by:mogurek
ID: 39847686
Again, thank you.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you are trying to access the server, have you ever encountered "The terminal server has exceeded the maximum number of allowed connection" error?  or "The user is attempting to log on to a Terminal Server in Remote Administration mode, but the …
I have put this article together as i needed to get all the information that might be available already into one general document that could be referenced once without searching the Internet for the different pieces. I have had a few issues where…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question