We have ours behind so the squid server gets the protection of the
firewall. We then use the firewall for transparent proxing of requests.
That is, we don't let anything go out port 80 unless the request is from
squid server. All traffic destined for port 80 is then redirected to
the squid server/port.
-----Original Message-----
From: donovan [mailto:donovan@beth.k12.pa.us]
Sent: Tuesday, August 08, 2006 6:57 AM
To: squid-users@squid-cache.org
Subject: [squid-users] place squid before or after firewall
greetings
I have a new cisco pix 525 and i would like to setup squid /
squidguard for transparent filtering.
Should i place squid on the inside of the pix or the outside? or can
i create a 3rd interface specifically for filtering?
user ---> [ pix nat] --[ squid/squidguard] --[router] --inet
or
user --->[squid/squidguard] --[pix nat ] --[router] -- inet
or
user --[ pix ] -- [router] - inet
|
|
{ squid /squidguard }
your comments and flames welcome :)
--jeff
Received on Tue Aug 08 2006 - 09:11:05 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Sep 01 2006 - 12:00:02 MDT