Solved

Squid Proxy Server

Posted on 2014-04-17
5
635 Views
Last Modified: 2014-04-25
I need to allow unfiltered access thru my proxy for Zixgateway encryption software to work correctly.  I just installed squid 2.7 on my windows 2008 R2 server and I am getting the following error from Zixgateway appliance.  I am using Sonicwall NSA 220 as my firewall.

Check for PROXY to wwss.zixmail.com
 Check for PROXY to rmail.zixmail.com
 cs.zixmail.com is good


Any ideas?  Thanks.
0
Comment
Question by:mogurek
  • 3
  • 2
5 Comments
 

Author Comment

by:mogurek
ID: 40007241
forgot to mention which ports, 80 and 443.
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 40007787
Can you tell us more about the firewall and rules for the squid routing?
In my situation, I have shorewall forcing traffic through squid. The easiest way to apply what you want, would be to edit this rule in shorewall, telling to still force all connections through squid EXCEPT the ip number if cs.zixmail.com .
0
 

Author Comment

by:mogurek
ID: 40008790
I don't have any rules in my firewall now except to use the web proxy which is a simple check box and then telling it the ip address of the squid server.  could you give me an example of what you have in shorewall?  sounds like that may work...  thanks.
0
 
LVL 35

Accepted Solution

by:
Kimputer earned 500 total points
ID: 40009542
The normal rule to forward to squid in shorewall is:

REDIRECT        loc:10.0.0.0/8  8080    tcp     www     -      

Open in new window


It just means to force every http connection to the 8080 port (where squid resides).

However, if someone comes to me with "this website has a problem this & that", and if it's business related, and important, I don't fiddle with the squid config (as it takes too much time, I just make an exception for that website:

REDIRECT        loc:10.0.0.0/8  8080    tcp     www     -     !74.125.136.102

Open in new window


The rules says forward every http connection to squid, EXCEPT the website with IP number 74.125.136.102 (you can add more IP, just add with comma's)

Now the question is, can you configure your firewall in a similar way?
0
 

Author Closing Comment

by:mogurek
ID: 40022950
Thanks!
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question