Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Squid Proxy Server

Posted on 2014-04-17
5
Medium Priority
?
676 Views
Last Modified: 2014-04-25
I need to allow unfiltered access thru my proxy for Zixgateway encryption software to work correctly.  I just installed squid 2.7 on my windows 2008 R2 server and I am getting the following error from Zixgateway appliance.  I am using Sonicwall NSA 220 as my firewall.

Check for PROXY to wwss.zixmail.com
 Check for PROXY to rmail.zixmail.com
 cs.zixmail.com is good


Any ideas?  Thanks.
0
Comment
Question by:mogurek
  • 3
  • 2
5 Comments
 

Author Comment

by:mogurek
ID: 40007241
forgot to mention which ports, 80 and 443.
0
 
LVL 37

Expert Comment

by:Kimputer
ID: 40007787
Can you tell us more about the firewall and rules for the squid routing?
In my situation, I have shorewall forcing traffic through squid. The easiest way to apply what you want, would be to edit this rule in shorewall, telling to still force all connections through squid EXCEPT the ip number if cs.zixmail.com .
0
 

Author Comment

by:mogurek
ID: 40008790
I don't have any rules in my firewall now except to use the web proxy which is a simple check box and then telling it the ip address of the squid server.  could you give me an example of what you have in shorewall?  sounds like that may work...  thanks.
0
 
LVL 37

Accepted Solution

by:
Kimputer earned 1500 total points
ID: 40009542
The normal rule to forward to squid in shorewall is:

REDIRECT        loc:10.0.0.0/8  8080    tcp     www     -      

Open in new window


It just means to force every http connection to the 8080 port (where squid resides).

However, if someone comes to me with "this website has a problem this & that", and if it's business related, and important, I don't fiddle with the squid config (as it takes too much time, I just make an exception for that website:

REDIRECT        loc:10.0.0.0/8  8080    tcp     www     -     !74.125.136.102

Open in new window


The rules says forward every http connection to squid, EXCEPT the website with IP number 74.125.136.102 (you can add more IP, just add with comma's)

Now the question is, can you configure your firewall in a similar way?
0
 

Author Closing Comment

by:mogurek
ID: 40022950
Thanks!
0

Featured Post

WatchGuard Case Study: Museum of Flight

“With limited money and limited staffing, we didn’t have a lot of choices in terms of what we could do to bring efficiency. WatchGuard played a central part in changing that.” To provide strong, secure Wi-Fi access within the museum, Hunter chose to deploy WatchGuard’s AP120 APs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses
Course of the Month11 days, 13 hours left to enroll

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question