Re: PIX Transparent proxy

[Kevin <KKadow () gmail com>]

On Fri, 22 Oct 2004 12:13:38 -0700, Juan Pablo Feria
<feria () tpitic com mx> wrote:
> I want to use "Transparent proxy" with a PIX using squid cache

Are you looking to use the Squid cache for caching?

Do you have the option to reconfigure the clients to use an explicit
configured proxy instead?

 
> on the squid documentation tells about routers, but the configuration
> commands are not on the pix...
>
> http://www.squid-cache.org/Doc/FAQ/FAQ-17.html#ss17.5
>
> On pix documentation appears commands to communicate with Websense and
> other commercial products...

IIRC these options are for passing URLs (only the URL, not the
session) to a remote filter service which will return a simple
permit/deny response code.  This is sufficient for filtering, but does
not help at all in caching.

> Anyone has any ideas to send the port 80 requests to the squid box?

I do not believe PIX offers this functionality.

Cisco routers offer two distinct optiions which will assist in
deploying a "transparent" caching proxy -- route-map (to re-route
packets to a cache based on the port, protocol or any other ACL match)
and  Web Cache Communication Protocol (WCCP).

So if you had a router that supports either of the above features, you
could configure the router to re-route the packets to the Squid
server, but PIX is not a router, and does not offer these routing
features.


Kevin
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards