On Tue, 26 Oct 2004, Gaylord Van Brocklin wrote:
The Squid -> AV server will be bypassing the firewall, but I guess I could throw another NAT box outside the AV servers.
Is this a common solution to this problem?
I seen it done at many places requiring more than one proxy, for the exact reasons you describe.
Other sites uses a proxy.pac file with a list of known troublesome sites and redirecting these to a specific proxy solving the problem that way.
Others use a load balancing scheme where the same user will always use the same proxy (unless unavailable).
Regards Henrik
