Hi
I want to allow a Bluecoat SG device to act as a proxy for users in a
remote office where the WAN link is not that great, it seems about 50%
of the traffic over this link is HTTP. I am having troubles making this
work and I think it's in part due to the the location of the Squid
server in relation to the SG device The Squid server sits in the DMZ on
the 192.168.1.0 network, the remote subnet that the Bluecoat sits in is
192.168.201.0 Now by design anything going thru to the Squid proxy
passes thru a Cisco PIX Firewall, so as a result NAT is taking place so
anything coming from the Bluecoat will be NAT'd, or any hosts within my
LAN for that matter I assume it should be just a matter of poking a hole
in the PIX saying anything from the Bluecoat on 192.168.201.2 pass it on
to the Squid proxy on 192.168.1.11 For the purpose of the test I am
going to open up all ports and then tighten up once I have a proof of
concept What do I need to do on the Squid proxy so that there is no
authentication attempts by the Bluecoat. At the moment as requests to
the Squid proxy are made via NTLM (Winbind) you need to be an
authenticated user and part of a Windows NT group to gain access to the
internet Any suggestions would be most welcome =20 Scott
Received on Thu Jun 21 2007 - 22:33:33 MDT
This archive was generated by hypermail pre-2.1.9 : Sun Jul 01 2007 - 12:00:04 MDT