Re: [squid-users] Squid configuration

From: Giles Coochey <giles_at_coochey.net>
Date: Wed, 30 Apr 2014 14:25:02 +0100

On 30/04/2014 14:05, Dwijadas Dey wrote:
> Hi
> Giles
> Thanks for your valuable information, Also i think by
> firewall you don't want to mean the router. It looks like from your
> diagram that the router provided by the ISP will be connected to both
> LAN switch and also server ( CentOS) on which the squid is running.
>
> Thanks in advance
> D Dey

Whether you have a router, or whether the ISP provides one to you
depends on your ISP and the termination agreement you have with your ISP.

If the "linksys" you mention is capable of hosting a DMZ then you could
use that, if it is not then perhaps you would want something like this:

ISP
|
|
ISP Router
|
|
Your Firewall----DMZ----Your Proxy
|
|
|
Switch
|
Your LAN PCs.

>
> On Wed, Apr 30, 2014 at 4:32 PM, Giles Coochey <giles_at_coochey.net> wrote:
>> On 30/04/2014 11:57, Dwijadas Dey wrote:
>>> ISP
>>> |
>>> |
>>> |
>>> Linksys Router
>>> |
>>> |
>>> |
>>> |
>>> Switch
>>> | | | | | |
>>> | | | | | |
>>> PC1 PC2 PC3 PC4 PC5 PC6
>>> ^
>>> |
>>> I want tis as a proxy server, Is it possible ?
>>
>> Yes, but it would be better link this:
>>
>> ISP
>> |
>> |
>> |
>> Firewall-------------------DMZ--------------Proxy Server
>> |
>> |
>> LAN Switch
>>
>> |
>> PC1
>> PC2
>> PC3
>> PC4
>> PC5
>> PC6
>>
>> The reasoning behind this is that any system on your internal LAN could
>> attempt to take over the IP of the proxy and gain access to the Internet for
>> itself. If you put the proxy in a DMZ then it is further protected from this
>> kind of attack.
>>
>> --
>> Regards,
>>
>> Giles Coochey, CCNP, CCNA, CCNAS
>> NetSecSpec Ltd
>> +44 (0) 8444 780677
>> +44 (0) 7983 877438
>> http://www.coochey.net
>> http://www.netsecspec.co.uk
>> giles_at_coochey.net
>>
>>

-- 
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
giles_at_coochey.net

Received on Wed Apr 30 2014 - 13:25:12 MDT

This archive was generated by hypermail 2.2.0 : Thu May 01 2014 - 12:00:06 MDT