Firewall Wizards mailing list archives
Re: PIX Transparent proxy
From: Kevin <KKadow () gmail com>
Date: Fri, 22 Oct 2004 22:58:05 -0500
On Fri, 22 Oct 2004 12:13:38 -0700, Juan Pablo Feria <feria () tpitic com mx> wrote:
I want to use "Transparent proxy" with a PIX using squid cache
Are you looking to use the Squid cache for caching? Do you have the option to reconfigure the clients to use an explicit configured proxy instead?
on the squid documentation tells about routers, but the configuration commands are not on the pix... http://www.squid-cache.org/Doc/FAQ/FAQ-17.html#ss17.5 On pix documentation appears commands to communicate with Websense and other commercial products...
IIRC these options are for passing URLs (only the URL, not the session) to a remote filter service which will return a simple permit/deny response code. This is sufficient for filtering, but does not help at all in caching.
Anyone has any ideas to send the port 80 requests to the squid box?
I do not believe PIX offers this functionality. Cisco routers offer two distinct optiions which will assist in deploying a "transparent" caching proxy -- route-map (to re-route packets to a cache based on the port, protocol or any other ACL match) and Web Cache Communication Protocol (WCCP). So if you had a router that supports either of the above features, you could configure the router to re-route the packets to the Squid server, but PIX is not a router, and does not offer these routing features. Kevin _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- PIX Transparent proxy Juan Pablo Feria (Oct 22)
- Re: PIX Transparent proxy Kevin (Oct 25)
- <Possible follow-ups>
- RE: PIX Transparent proxy Fetch, Brandon (Oct 28)
- Re: PIX Transparent proxy Devdas Bhagat (Oct 28)