Solved

Squid Proxy Server

Posted on 2014-04-17
5
612 Views
Last Modified: 2014-04-25
I need to allow unfiltered access thru my proxy for Zixgateway encryption software to work correctly.  I just installed squid 2.7 on my windows 2008 R2 server and I am getting the following error from Zixgateway appliance.  I am using Sonicwall NSA 220 as my firewall.

Check for PROXY to wwss.zixmail.com
 Check for PROXY to rmail.zixmail.com
 cs.zixmail.com is good


Any ideas?  Thanks.
0
Comment
Question by:mogurek
  • 3
  • 2
5 Comments
 

Author Comment

by:mogurek
Comment Utility
forgot to mention which ports, 80 and 443.
0
 
LVL 35

Expert Comment

by:Kimputer
Comment Utility
Can you tell us more about the firewall and rules for the squid routing?
In my situation, I have shorewall forcing traffic through squid. The easiest way to apply what you want, would be to edit this rule in shorewall, telling to still force all connections through squid EXCEPT the ip number if cs.zixmail.com .
0
 

Author Comment

by:mogurek
Comment Utility
I don't have any rules in my firewall now except to use the web proxy which is a simple check box and then telling it the ip address of the squid server.  could you give me an example of what you have in shorewall?  sounds like that may work...  thanks.
0
 
LVL 35

Accepted Solution

by:
Kimputer earned 500 total points
Comment Utility
The normal rule to forward to squid in shorewall is:

REDIRECT        loc:10.0.0.0/8  8080    tcp     www     -      

Open in new window


It just means to force every http connection to the 8080 port (where squid resides).

However, if someone comes to me with "this website has a problem this & that", and if it's business related, and important, I don't fiddle with the squid config (as it takes too much time, I just make an exception for that website:

REDIRECT        loc:10.0.0.0/8  8080    tcp     www     -     !74.125.136.102

Open in new window


The rules says forward every http connection to squid, EXCEPT the website with IP number 74.125.136.102 (you can add more IP, just add with comma's)

Now the question is, can you configure your firewall in a similar way?
0
 

Author Closing Comment

by:mogurek
Comment Utility
Thanks!
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now