[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] Squid & HTTP resource
Peace! IPSO 3.4.1-FCS10 FW-1 4.1 SP5a Squid 2.4Stable6 Localnet is behind hide NAT. Localnet browsers' HTTP proxy points to FW:80; HTTP next proxy points to www-cache server in DMZ. HTTP rule is installed with resource (transparent proxy, wildcards; schemes: http, ftp; methods: all of them + *; host: *, path: *, query: *;). That resource gives me an opportunity to log Localnet users' HTTP requests. If the next proxy points to the www-cache server in DMZ, the communication between them dies out at undefinite moment. But if I use my cache server's parent server as next proxy instead, everything works fine. Squid has no problem, because all servers/workstations in DMZ have access to it (HTTP traffic for DMZ in firewall rules is defined without resource). Also there was no problem, if a www-cache server was set up in Localnet. In this case I can't use HTTP resource in firewall, consequently I can't make TrendMicro's Interscan VirusWall to control HTTP traffic. Does anyone of you know, how solve the problem with HTTP next proxy, HTTP resource / transparent proxy, and www-cache server in DMZ? thanks in advance, Uve Lokk ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|