Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Use another 3rd party proxy as transparent proxy
  •  
Michael Smith

Messages: 9
Karma: 0
Send a private message to this user
Hey all,

I know Winroute provides a built in transparent proxy. Well, I've found a very nice proxy I'd like to use. I can, but only if it's configured on every client machine (respectively via a configuration script). There is a feature to forward requests to another proxy, but only for the non-transparent one.

My question:
Is it somehow possible to use a 3rd party proxy as a transparent proxy?

Nice regards,
Michael
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Excuse my curiousity: what good would KWF be if your clients use another proxy?
  •  
Michael Smith

Messages: 9
Karma: 0
Send a private message to this user
Smile Well, I've found a fine proxy that can filter advertisements. Anonymity would also be nice, but hasn't been set up yet.

[Updated on: Thu, 05 October 2006 17:46]

  •  
Michael Smith

Messages: 9
Karma: 0
Send a private message to this user
Hey guys, I did it !! Very Happy

If someone would like to know how just reply here.
  •  
Michael Smith

Messages: 9
Karma: 0
Send a private message to this user
Quote:

Hi Michael,
Me too want to use another 3rd party proxy as transparent proxy parented from KWF. Because I need to keep the cache large, but in KWF it is limited to 2 Gb. So I want to configure my KWF parent proxy to Squid. I set up my KWF and squid, running on the same PC. KWF proxy 3128, squid 8080. It is working with the non-transparent, but cannot work with the transparent one.
I already test couple ways, but get nothing work.
Please advise me.

Best Regards,

Akwek


Hi Akwek,

well, where do I start?

Are you sure a cache of 2 GB is a good idea? In my experience such a great cache might actualy slow down what it should normaly speed up. But okay, that your's to judge.

I have my server running KWF. And there's another machine I called Privoxy (because the proxy application running on that machine has that name). Actually Privoxy is not a physical system, but a virtual one (VMware Server, free by the way). But as far as I understand you're satisfied with the features Squid provides. So I'll just call my proxy-machine Privoxy. Here we go:

Well, I too need Squid, because Privoxy doesn't provide transparent proxying.
I haven't found a way to run Squid and KWF on the same logical machine (but I haven't really tried, because I wanted them to run on different machines). There might be a problem with the following rules, if you want to run them on the same machine.

First deactivate all KWF proxy features. Since we're achieving our goal with two firewall rules we don't any of them.

In case of two machines, you'll need to set up the two following rules (in that order!):

Source-Destination-Service-Translation
===================
1. Privoxy-Internet-Http-SNAT (Default outgoing interface)
2. LAN-Internet-Http-Full NAT (SNAT Firewall host, DNAT Privoxy)

This should work (it does for me) for all outgoing http-traffic on port 80, but not any other ports.
For example I tried to reroute http traffic on port 8080 through Privoxy. But if you use port translation (to port 80) on KWF my proxy tried to reach the webserver on port 80 instead of 8080.

That's why I wrote it might be hard to have both KWF and squid to run on the same logical machine. It should theoretically work if Squid can run on port 80 on the KWF machine (because that's the port webservers are usually contacted on). But in my case I already have a webserver running on that port. And port translation didn't work out of the above mentioned reasons.

Is somehow clear what you have to do?
  •  
Akwek

Messages: 2
Karma: 0
Send a private message to this user
Hi Michael,
Thanks alot for ur reply. You are absolutely right, it is very hard to get both of them running on the same machine. Until now, I not yet success. Maybe I have to try another software, but I do ever success doing this with Wingate + Squid, and there were easy to set. So, I just want to know how about with KWF + squid? And until now I cannot do it, hehehe. I think almost give up now. Confused
Best Regards,

Akwek
  •  
Michael Smith

Messages: 9
Karma: 0
Send a private message to this user
Maybe you wanna try running Squid on another machine on port 80? If it works you could think about a virtual machine...
  •  
Akwek

Messages: 2
Karma: 0
Send a private message to this user
Hmm, maybe I should try on another machine. I already try to set squid run on port 80, in the same machine with KWF (because I don't have any web server running), still mot working.
  •  
aaaabbbb

Messages: 1
Karma: 0
Send a private message to this user
hi michael,

I would like to know how you setup 3rd party proxy, because i have same problem as you are. I want to filter web browsing also. Thx for your help.

  •  
Michael Smith

Messages: 9
Karma: 0
Send a private message to this user
Hello,

what do you mean by 3rd party? Squid? Privoxy?
Previous Topic: Error in ISS Orange Webfilter
Next Topic: "Unrecognized Users" and VPN Tunnel traffic
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Nov 22 04:22:55 CET 2017

Total time taken to generate the page: 0.00440 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.