Re: [squid-users] Setting up proxy with private to public
On Tuesday 14 April 2020 at 16:03:19, Chris Bidwell - NOAA Federal wrote: > Okay, so I think I'm starting to get somewhere but the connection isn't > completing. I can see the connection come through my firewall, but the > handshake doesn't appear to be happening. Tell us more about your network setup. Is the firewall between the clients and Squid, between Squid and the Internet, or do you have both? Can you do a simple Ping test from a client machine to the Squid server (and get replies)? Can you do the same from the Squid server to some Internet-based web server (making sure it's one which replies to pings - some machines are badly configured and don't do this). > My squid access log is saying: TCP_MISS/503. I'm sure it says a lot more than that, but at least it's an indication that your client is getting the request through to Squid okay. Assuming the Ping test from Squid to an Internet web server works, what happens if you try wget, lynx, curl or even telnet to port 80, from the Squid server to some external web server? Does it indicate that the Squid server has "Internet access"? Antony. -- Programming is a Dark Art, and it will always be. The programmer is fighting against the two most destructive forces in the universe: entropy and human stupidity. They're not things you can always overcome with a "methodology" or on a schedule. - Damian Conway, Perl God Please reply to the list; please *don't* CC me. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Setting up proxy with private to public
Okay, so I think I'm starting to get somewhere but the connection isn't completing. I can see the connection come through my firewall, but the handshake doesn't appear to be happening. My squid access log is saying: TCP_MISS/503. On Tue, Apr 14, 2020 at 5:28 AM Matus UHLAR - fantomas wrote: > On 13.04.20 13:19, Chris Bidwell - NOAA Federal wrote: > >Very new to squid and am looking to setup several internal subnets to > >access external network (internet) through squid on a separate interface. > > squid does not use interfaces, squid uses IP addresses. > interfaces are up to underlying OS. > > >Server has two IP's. One private internal and one public. Can someone > >point me in the right direction to get this setup? Running RHEL7. > > this way all internal clients must connect to SQUID's internal IP and squid > will connect to the net using extenral IP. > > >Do I need to create static routes? > > maybe, however this is unrelated to squid > > > Do I need firewalld rules in place? > > no, unless you want to use HTTP interception. > > -- > Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > Windows found: (R)emove, (E)rase, (D)elete > ___ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users > ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Setting up proxy with private to public
On 13.04.20 13:19, Chris Bidwell - NOAA Federal wrote: Very new to squid and am looking to setup several internal subnets to access external network (internet) through squid on a separate interface. squid does not use interfaces, squid uses IP addresses. interfaces are up to underlying OS. Server has two IP's. One private internal and one public. Can someone point me in the right direction to get this setup? Running RHEL7. this way all internal clients must connect to SQUID's internal IP and squid will connect to the net using extenral IP. Do I need to create static routes? maybe, however this is unrelated to squid Do I need firewalld rules in place? no, unless you want to use HTTP interception. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Windows found: (R)emove, (E)rase, (D)elete ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users