Quote:
Originally Posted by AshaVipin
We have some client servers and a master server. In between them, there is a server (say server A) where squid is installed to act as proxy and firewall. Client needs to be communicated with Master server and master needs to be communicated with client.
Client/Master server to Server A connection is through HTTPS 8080
Server A to Client/Master connection is through HTTP & HTTPS 1000
Please let me know if the below configuration in Squid is correct?
Code:
acl client src "client IP addrs.txt"
acl master dst "master IP addr.txt"
http_access allow client master
http_port 8080
Do we need to create acl for port number and protocols? Can we use HTTPS in http_access?
|
You're omitting some details here. Are these servers for ONE client? Are they on the Internet, or are they internal? Because the way your question reads, it seems they're both on the same network, even though they may be WAN connected. That said, your configured LOOKS ok, but I'd question the way you're doing the port 8080...https is different than http, and unless you've explicitly compiled squid with https support, you may not have it.
http://wiki.squid-cache.org/Features/HTTPS
There are ways to use iptables to get https traffic to your destination...but if this is for an internal site, or just for ONE client, the easiest thing to do would be to establish a VPN tunnel, which would keep everything on ONE network, and you wouldn't have to go through a proxy. And the quickest way to figure out if this was going to work would have been to
just try it, and you'd have had an answer faster than it took you to register here and post.