And one last question on the NAT'ing subject..
I need to provide full redundancy with automatic failover on all devices (which would now include this NAT device between the Proxies and Internet).
A couple of routers with a VIP and HSRP? Or is there an easy solution using Open/FreeBSD or Linux?
-gvb
On Oct 27, 2004, at 12:13 PM, Henrik Nordstrom wrote:
On Tue, 26 Oct 2004, Gaylord Van Brocklin wrote:
The Squid -> AV server will be bypassing the firewall, but I guess I could throw another NAT box outside the AV servers.
Is this a common solution to this problem?
I seen it done at many places requiring more than one proxy, for the exact reasons you describe.
Other sites uses a proxy.pac file with a list of known troublesome sites and redirecting these to a specific proxy solving the problem that way.
Others use a load balancing scheme where the same user will always use the same proxy (unless unavailable).
Regards Henrik
