Does Translated IP Matter For Proxy Server (SQUID)


 
Thread Tools Search this Thread
Special Forums IP Networking Does Translated IP Matter For Proxy Server (SQUID)
# 1  
Old 06-22-2013
Wrench Does Translated IP Matter For Proxy Server (SQUID)

I am using Squid to create a proxy server for framework related to an application. My users sit on a private network in 191.xx.xx.xx space and my proxy sits in a different private network in 188.xx.xx.xx space. There will be a NAT in place to allow bidirectional communications but is there an issue with the users accessing the proxy through a translated ip????

I appreciate all the help, this is a first time for me!
# 2  
Old 06-24-2013
No more than without the proxy server. You may lose some identity information if the NAT assigns addresses and ports from a pool. The obvious place to put a proxy is on the firewall network boundary, that is to say, within the local no-NAT domain, so you get the identity right, and let the proxy have access, perhaps bypassing NAT/that-firewall. Of course, if you serve many such behind-NAT spaces, you need a NIC or tunnel so they can all locally connect to the proxy, or many proxy servers. If the power/resources are right, a proxy on a firewall with a local DNS server on the firewall is not a bad model -- just a different way through the same firewall. The proxy server is a very heavy DNS user, so a local DNS cache can be a nice idea. There is a wonderful feeling when you prevent a packet from needing to go out on a network!
# 3  
Old 06-27-2013
DG Thank You, was very educational about proxy servers, do you ever have to deal with ACL's? I need to allow a large scope of 7,700 IPs and block everything else?
# 4  
Old 06-28-2013
Many firewalls allow you to drop in a subroutine of your own. I would put the 8K IPs into a hash map for quick testing, with a hash designed for the form (ascii is slower, bulkier). 8K rules might be a bit bulky. Of course, I imagine they are in specific nets. RWHashTable
# 5  
Old 06-29-2013
Thanks DG I am looking for constant expressions in the url, instead of doing by IP. Instead of allowing by 7000+ IPs there is some consistency in the context of the url patterns.
# 6  
Old 07-01-2013
Be careful, there should not be a back door by using an IP.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Gmail cannot view picture through web browser through squid proxy server

Hi, forum reader, I have a squid problem. We have 2 squid proxy for two different group staffs, both of them can access gmail for web email access. It used about half year. One day we send out email with image but one proxy group user cannot view that pic but another group can see. Any idea for... (2 Replies)
Discussion started by: justinianho
2 Replies

2. Shell Programming and Scripting

Squid proxy shell script

i need squid proxy log file daily auto generate by shell script (1 Reply)
Discussion started by: sanjeetkumar086
1 Replies

3. Linux

Squid using 2 Ethernet in Proxy System

Hi All Im using squid Proxy in centos Squid version = squid.x86_64 7:3.1.10-20.el6_5 CentOS release 6.5 (Final) Router IP = 192.168.1.1 My proxy System have 2 Ethernet port eth0 eth1 Using IP address for eth0 = 192.168.1.15/24 using IP address for eth1 = 192.168.1.16/24 Default... (1 Reply)
Discussion started by: babinlonston
1 Replies

4. UNIX for Advanced & Expert Users

Squid Dynamic Proxy Server Configuration

Hello all, I am trying to configure squid proxy server for different organizations. These organizations will have different blocked ports, different acls, etc. But, I can use only one proxy server for this purpose. Thinking of making a shell script with iptables and squid. For an example: a... (1 Reply)
Discussion started by: admin_xor
1 Replies

5. IP Networking

SQUID Proxy server configuration

Can any one direct me to the resources where I can find in-depth instructions on Squid Proxy server and its configuration? Thanks in advance.:) (1 Reply)
Discussion started by: admin_xor
1 Replies

6. UNIX for Advanced & Expert Users

Setup a Reverse Proxy on Squid

Hi all, The scenario is: http://img834.imageshack.us/img834/7990/1234z.jpg - With: + 192.168.100.0/24 : internet link (simulation) + Multiple Websites are hosting in local. + Complete DNS configuration. + OS: CentOS 5 - Requirements: Configure Squid Proxy as... (0 Replies)
Discussion started by: kidzer0
0 Replies

7. IP Networking

Blocking HTTP tunnel in squid proxy 2.5

Does any one know how to block HTTP Tunnel in squid proxy server. Pls reply (1 Reply)
Discussion started by: vishwanathhcl
1 Replies

8. IP Networking

SQUID Transparent Proxy Server

hi guys! We are setting up Squid Server. we want the server to be transparent. But I don't know how will i be able to set the network up. is it possible to set the squid server in the same LAN with the Squid Client and still functions as a transparent server? if so, can anybody help me do it? ... (1 Reply)
Discussion started by: init6_
1 Replies

9. IP Networking

Squid Proxy URL rewriting

I have an architecture as below <> <> There is a program in the AIX server which sends SMS to the internet, by sending HTTP request to the SMS processing server. Like, http://smsserver/mysms=test However the application does not have an option to specify where the Proxy server... (1 Reply)
Discussion started by: firdousamir
1 Replies

10. UNIX for Advanced & Expert Users

squid proxy and apache servers

hi. pardon my noob question id just like to have a quick answer. i am planning to install a jabber webclient and a jabber server in our apache server. my boss said this wouldnt work because squid filters port 5222 connections (jabber). i told him we can simply 'unfilter' the port then but he said... (0 Replies)
Discussion started by: marcpascual
0 Replies
Login or Register to Ask a Question