LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-22-2010, 10:23 PM   #1
ducloiag
LQ Newbie
 
Registered: Nov 2009
Posts: 20

Rep: Reputation: 0
Arrow How to configure Juniper SSG140 deny port 80&443 except Squid proxy !!!


Hello all,
I have just installed Squid proxy. i also use WPAD to deploy policies for all client. Both works well together.
Now i want to configure firewall Juniper SSG140 will be deny all request from client to access internet and redirect to Squid. I mean deny HTTP & HTTPS except Squid (port 3128), even i want to all access to internet have to through Squid proxy.
I don't expert about the firewall Juniper. May i know step by step configure it.
Please adv to me.

http://img256.imageshack.us/img256/8931/jssg140.jpg

Thanks & Best Regards.
 
Old 12-23-2010, 02:54 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
you should check out the screenos manual, but essentially just create a rule to permit those ports to the proxy IP and then let everything else fall through to a default deny at the bottom of the firewall list. We really can't just outright teach you how to use a juniper firewall on a forum, that's what your standard documentation is for. Just ensure that it is going from, and to, the right zones relative to your environment.
 
Old 12-24-2010, 12:39 AM   #3
ducloiag
LQ Newbie
 
Registered: Nov 2009
Posts: 20

Original Poster
Rep: Reputation: 0
May i know these steps configure. Because i have not found on the CD Document attached.
 
Old 12-24-2010, 01:01 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
Just look for the screenos docs, it's directly linked on the ui. this is about the most mundane and trivial thing to do on an ssg box, and also requires just about no specific knowledge of tte ssg itself, it works very similar to just about any other list based firewall.
 
Old 12-24-2010, 01:58 AM   #5
ducloiag
LQ Newbie
 
Registered: Nov 2009
Posts: 20

Original Poster
Rep: Reputation: 0
I found good topic but almost the body not exist, like this
http://kb.juniper.net/InfoCenter/ind...=1293177066739
 
Old 12-24-2010, 02:44 AM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
The body? What does that mean? Obviously being the juniper kb you need to log in to see it.
 
Old 02-21-2011, 01:16 AM   #7
ducloiag
LQ Newbie
 
Registered: Nov 2009
Posts: 20

Original Poster
Rep: Reputation: 0
I mean that link had die.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Setup Reverse Proxy with proxy_mod to port 443 on IIS Server travis.trav Linux - Server 1 08-31-2010 11:47 AM
[SOLVED] Transparent Squid : Deny direct requests to proxy jma89 Linux - Server 3 07-12-2010 10:19 PM
n00b Question: use router to direct port 80 and 443 traffic to separate proxy server? DurocShark Linux - Newbie 9 11-19-2009 06:29 AM
Squid proxy allow/deny set of clients borganve Linux - Security 1 07-16-2009 08:22 AM
cannot use ssh with port 443 as proxy bogwato Linux - Networking 2 07-15-2009 04:20 PM


All times are GMT -5. The time now is 01:50 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration