Frank Bonnet wrote:
> Hello
>
> Actually I use a very simple config with squid
> every machine into our LAN has proxy access
> the acl is IP address based.
>
> it works
>
> Now I would like to let our users use our proxy from the
> Internet through the LDAP AUTH mechanism.
>
> I have configured both configs separately and iot works fine
> but I never MIXed them is it possible on the same squid server ?
Yes I use IP-based for cabled clients, login for Wifi and External clients.
All you have to do is place your ACL checks in the right order
http_access allow localnet local-ip-test
http_access allow !localnet remote-auth-test
Or, as I do you might let the auth-test work for clients anywhere by
omitting the "!localnet" part of that access line. So local users
connect by IP but unknow/newly-assigned IP can still auth until they get
fixed up.
Amos
-- Please use Squid 2.6STABLE17+ or 3.0STABLE1+ There are serious security advisories out on all earlier releases.Received on Sun Feb 24 2008 - 06:36:08 MST
This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:05 MST