Re: [squid-users] Cache LAN and VLAN webservers

Yeap I can ping the intranet server. I can also use lynx on the squid
box to view the intranet. It seems it can access the local webserver
content. Just people using the squid as proxy can't.

Well basically I got a firewall/gateway 192.168.12.0. A watchguard
firebox. It does the NAT. The internal web servers are intranet
192.168.12.5 and primavera which is 192.168.12.14. I'm also setting up
knowledge tree that runs of box 192.168.12.13 however that maybe dynamic
content so squid problably should cache it much. Well my firewall lets
all LAN (trusted) do everything (ALL) to anything (ANY) on the trusted
networks. The firewall should be an issue.

As a first step, all I want to do is have someone that uses squid be
able to access my intranet server without having to key in the intranet
into the proxy exception list.

Hope this sheds some light on my problem. Thanks!

Lazuardi Nasution wrote:

>Can you ping your internal web server from your Squid ? Your network
>topology is helpful.
>
>-----Original Message-----
>From: Anwar Ahmad [mailto:anwar.ahmad@net-linx.com]
>Sent: Monday, October 24, 2005 3:25 PM
>To: mrxlazuardin@ee.itb.ac.id
>Cc: squidusers
>Subject: Re: [squid-users] Cache LAN and VLAN webservers
>
>I've tried doing a host command namely "host intranet" and I get a correct
>response. I even tried installing lynx on it and broswing my intranet server
>and it works. However squid it self cannot seem to cache these servers.
>
>I read that squid has some sort of dns client of some sort; is there some
>configuration wrong there?
>
>I know that my DNS server works since we can access the intranet server
>directly without any problems... This only happens when I configure the
>proxy. I'm thinking it might be a configuration thing.
>
>Lazuardi Nasution wrote:
>
>
>
>>I think there is DNS problem on your internal network.
>>
>>-----Original Message-----
>>From: Anwar Ahmad [mailto:anwar.ahmad@net-linx.com]
>>Sent: Monday, October 24, 2005 2:57 PM
>>To: squidusers
>>Subject: [squid-users] Cache LAN and VLAN webservers
>>
>>Hi All,
>>
>>I was wondering whether it is possible to cache local LAN & DMZ servers...
>>and have them accessible to VLAN computers.
>>
>>Basically I my LAN is 192.168.12.0 and the squidbox has an IP from this
>>subnet. Basically I want to cache our webserver thats on the LAN (same
>>subnet) and DMZ (192.168.5.0). This will then be used by those who are
>>connected to our VLAN on the 172.21.100.0 subnet.
>>
>>Currently squid can't cache servers. When I set my browser to
>>192.168.128.5 (our intranet server) I get an error It can't locate the
>>server. It seems to only cache external web (internet). I've read how
>>you're supposed to set direct_access for local server but lets say I
>>want to cache local servers. How do I do this. I pasted my squid.conf
>>below. I haven't really changed much as I'm not too sure about which
>>line needs to be changed.
>>
>>Any help is greatly appreciated.
>>
>>Thanks!
>>-------
>>#squid.conf
>>http_port 3128
>>cache_dir ufs /u01/squid 8000 16 256
>>cache_effective_group proxy
>>cache_effective_group proxy
>>acl our_networks src 192.168.12.0/24
>>http_access allow our_networks
>>ftp_user squid@net-linx.com
>>cache_access_log none
>>cache_store_log none
>>hierarchy_stoplist cgi-bin ?
>>acl QUERY urlpath_regex cgi-bin \?
>>no_cache deny QUERY
>>cache_access_log /var/log/squid/access.log cache_log
>>/var/log/squid/cache.log hosts_file /etc/hosts
>>refresh_pattern ^ftp: 1440 20% 10080
>>refresh_pattern ^gopher: 1440 0% 1440
>>refresh_pattern . 0 20% 4320
>>acl all src 0.0.0.0/0.0.0.0
>>acl manager proto cache_object
>>acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst
>>127.0.0.0/8 acl purge method PURGE acl CONNECT method CONNECT
>>http_access allow manager localhost http_access deny manager
>>http_access allow purge localhost http_access deny purge http_access
>>deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow
>>localhost http_reply_access allow all icp_access allow all cache_mgr
>>anwar.ahmad@net-linx.com httpd_accel_port 80 coredump_dir
>>/var/spool/squid
>>
>>
>>
>>
>>
>>
>
>
>
>
Received on Mon Oct 24 2005 - 02:39:51 MDT