Re: [squid-users] DMZ front end to server on the privite network...

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Thu, 19 Apr 2001 21:36:40 +0200

jeremy.t.grant wrote:
              _____ ______
> / DMZ \ / \
> / _____ \ http / ______ \
> Internet___|_|Squid| |_____|_____|_|Web | |
> 80| |Proxy| | | 8080| |Server| |
> ___|_| |_|_____|_____|_| | |
> 443| | | | | 8443| | | |
> \ ----- / Firewall \ ------ /
> ------- --------
>
> We are being asked to add https to the config...we need to have any
> request coming in on port 443 forwarded to the webserver on 8443...this
> will be ssl so we are not sure if it is possable or not...

You have two options

a) Use a port forwarder (not Squid) to forward port 443 to the SSL web
server. Sort of the same as directly publishing the SSL port of the web
server on the internet.

b) Use a SSL enabled Squid who will accept the SSL client connection,
and then forward it using plain HTTP to port 8080 on the web server.

--
Henrik Nordstrom
Squid Hacker
Received on Thu Apr 19 2001 - 13:57:37 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:59:23 MST