Fedora Servers :: Reverse The Proxy With Squid?
Mar 14, 2011
I have a reverse proxy set up with squid. I'm going to try and explain what it's doing and I apologize for it being confusing, I'll do the best I can to describe my problem. First, it's for our phone system. We run a ShoreTel Voip system. The owner has decided he wants me to setup MCM (Mobile Call Manager), which from what I can see is an under developed, and almost impossible to get help with Shoretel software. But he's convinced he needs it for his Iphone. It's supposed to, in a nutshell, turn his Iphone into his work phone with all the advantages and doodads that come with it. Apparently, "they have an app for that". On the server side, I need to setup a reverse proxy back into the network on our phone server. Simple enough, I did this with squid. I used the following lines:
Code:
http_port 80 accel defaultsite=172.17.137.7
cache_peer http://172.17.137.7 parent 80 0 no-query originserver name=myAccel
acl our_sites dstdomain http://172.17.137.7
[code]....
Code:
always_direct allow all It most definitely is allowing traffic back to the phone server, the problem is, it hands out my internal server address to the outside client. So for instance, if I connect to the outside routable address with my phone, it will immediately change the url to http://172.17.137.7 which is the inside nat address of my phone server. Which of course doesn't work, since I couldn't browse to that address from the outside. It does however work from the inside of the network, obviously because 172.17.137.7 is accessible from the inside.
View 4 Replies
ADVERTISEMENT
Mar 16, 2011
I've been using squid-cache for a long time for authentication/authorization. It has work fine for years, but now it starts working too slow only in one computer (the others, works fine).
It's configured as a reverse proxy.
I see it can be a DNS problem, but the computer is configured with the same dns servers in resolv.conf that the other computers have.
I use squid 2.6.stable14 on RHEL 4.4.
If I restart the service (service squid restart) it works fine, but 15-20 minutes later, the problem repeats.
View 1 Replies
View Related
Apr 25, 2011
I have got a reverse proxy that is working just fine, it accepts requests on port 443 and port 80 and ONLY sends traffic upstream to port 80 to the apache server listening on localhost. I use the following config:
https_port 10.14.1.72:443 cert=/etc/squid/self_certs/site.crt key=/etc/squid/self_certs/site.key defaultsite=site vhost
cache_peer 127.0.0.1 parent 443 80 no-query originserver login=PASS
http_port 10.14.1.72:80 vhost
My problem is the following : The site should act differently in some occasions based on whether http or https was requested. So my idea is to setup second http vhost on apache listening to port 8080 and on that vhost I would server the https code. So is it possible to use SQUID to :
Send traffic destined for port 443 to localhost:8080
and
Send traffic destined for port 80 to localhost:80 ?
View 13 Replies
View Related
Aug 2, 2011
I have searched and searched for a reverse proxy solution for non-website traffic. TCP but not http, on ports other than 80, 443, 8080, etc. Basically I just need a TCP forwarder that works with multiple TCP servers, WITHOUT webpage caching features. I do not need or want any webpage caching. Can squid work as a reverse proxy for TCP traffic without http? The other program I came across in searching was HAproxy. Both programs are for http but I am curious if they would work for TCP servers that do not serve webpages.
View 2 Replies
View Related
Apr 19, 2011
Will squid or HAproxy work to reverse proxy non-http traffic? I have searched and searched for a reverse proxy solution for non-website traffic. TCP but not http, on ports other than 80, 443, 8080, etc. Basically I just need a TCP forwarder that works with multiple TCP servers, WITHOUT webpage caching features. I do not need or want any webpage caching. Can squid work as a reverse proxy for TCP traffic without http? The other program I came across in searching was HAproxy. Both programs are for http but I am curious if they would work for TCP servers that do not serve webpages.
View 4 Replies
View Related
May 11, 2010
I have 4 servers running squid/3.1.1 proxy server. Since the latest version I can no longer FTP. I have posted this problem in multiple places but have received almost no response. I've found several other post to this problem throughout the Internet which have also gone unanswered. So, once again, I thought I'd give it a try. As I said "I have 4 servers running the newest version of Squid". When I try to access an ftp, any ftp, I receive an error (check attached image). This was never a problem until just recently. Squid should work perfectly find with ftp, it is not a strictly http proxy.
I turned my firewall off just to make sure, still had the same issue. If I jump directly on the server itself with no proxy settings set in the browser it will work fine. As soon as I set the browser setting to access the Squid software I get the same error. I've included my squid config (which is unchanged from the default settings), maybe somebody better versed than myself can point out an obvious flaw. Everything else seem to work just fine, it's only FTP that's a problem.
View 3 Replies
View Related
Jul 27, 2011
I have configured router(192.168.1.2) to serve only one machine with IP - '192.168.1.6' and set up SQUID proxy on '192.168.1.6'. I have defined some rules(ACL) regarding connections to internet on SQUID proxy.
I changed the Gateway of rest of machine (192.168.1.60 - 192.168.1.69) from '192.168.1.2' to '192.168.1.6'.
The policies which I defined in SQUID is working properly but 'Linux Evolution mail' client is not fetching mails.
Is I have to do any other settings on 'Linux System' or 'Evolution mail client'.
View 2 Replies
View Related
May 11, 2010
A first server with apache2 installed and configured as reverse proxy, that works great, with this version:
That works mostly, but fail with an oma (outlook mobile access) redirection
It works for all reverse sites hosted, but when we try to connect to oma using a nokia phone, it fails.
I can see in access.log that it hangs on FolderSync istance.
I've used wireshark to sniff packets, and in oma server I can see only three way handshaking coming...
My doubt is: when I'll upgrade working server, also it will not work anymore...
Configurations are the same (I've copied /etc/apache2 folder from running one to new one).
View 1 Replies
View Related
Jul 22, 2011
I have done configuration of webserver and i want it to pick some information from application server,but i don want people to see that application server,please can someone tell me in detail on how to setup squid reverse proxy server so that each time people want to access my servers they can just see one server,i mean one server must act as a loadbalancer to other servers,let say a sum of up to three servers.I am using redhat 5 servers with apache 2,and squid version that i have is 2.6.
View 5 Replies
View Related
Feb 3, 2011
we have an ubuntu server (10.04 LTS) with apache2 (2.2.9) and mod_proxy + proxy_balancer enabled.Reverse proxy works greatly, but I can't get load balancing working. Apache connect always to first member.
My configuration is as follow:
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Proxy balancer://test>
[Code]...
View 6 Replies
View Related
Feb 18, 2011
the apche2.conf and vhost file I gave the link are the machine on LAN when site is actually hosted.When some one from internet access the site then I expect a log of IP in access.log instead of which I see the IP of machine which is working as Reverse Proxy server for all such requests.What mistake did I do above.
View 4 Replies
View Related
May 26, 2010
I am having a few websites running in a Reverse Proxy scenario on Ubuntu Server 10.04. The configuration is like this:
Code:
|--------------192.168.1.1
| (site1.abc.com)
|
|--------------192.168.1.2
| (site2.abc.com)
|
|
|
|
|--------------192.168.1.3
| (site3.abc.com)
|
|
|
|
|--------------192.168.1.4
| (site4.abc.com)
(Public IP ) |
A-------------------|
(reverse proxy server) |
(192.168.1.25) |
|--------------192.168.1.5
| (site5.abc.com)
|
Except one all websites are running properly and being redirected to their respective domains.
Following is the configuration which I used for each site define on server A a vhost file which contains following
Code:
# ProxyPass / http://<Ip of Server>
# ProxyPassReverse / http://<Ip of Server>
So if I have 5 websites then I have 5 vhost file on the gateway in above diagram A and in each of those file as above root of site is redirected to internal IP. 4 of them are running properly. The fifth website is running on port 8080:/keyword. So in its vhost file on gateway I defined
Code:
# ProxyPass / http://<Ip of Server>:8080/keyword
# ProxyPassReverse / http://<Ip of Server>:8080/keyword
I can see on Lan http://<Ip of Server>:8080/keyword but when from internet I try to see:
http://site5.abc.com
I get redirected to a page is https://site5.abc.com:8443/ and it says
Code:
The webpage at https://site5.abc.com:8443/ might be temporarily down or it may have moved permanently to a new web address. The site5.abc.com has a requirement to be run at port 8080 internally and it is not a Ubuntu server.(Red Hat based server). While rest all are Ubuntu servers including gateway A.
View 1 Replies
View Related
Jan 10, 2010
I just set up squid for the first time. I have zero experience with proxy servers. I used this guide:[URL](I also looked at a few other guides such as this one:ttp://ubuntuforums.org/showthread.php?t=320733. However, I wanted to most barebones config to start with and the link I used was the simplest.)So now that I have it set up, I'm testing it with FoxyProxy. It is not working well. I went to speedtest.net. The download and ping tests were just as fast as without the proxy, but the upload test fails completely.Furthermore, many web pages load very slowly or not at all. So performance is very mixed, but mostly poor.
View 8 Replies
View Related
Sep 29, 2010
I have setup proxy server as squid Now i would like to enable High Availability between two squid proxy servers acting as one.
View 6 Replies
View Related
Apr 22, 2011
everytime if more that 10-15 people using internet at same time squid proxy slow to responde everyweb just keep loading and here my squid proxy settings
1 nic
squid proxy 2.7 stable 9
ubuntu 64bit
intel duo core
[Code]...
View 1 Replies
View Related
Jan 17, 2011
I would like to ask some help and tutorial for setting up and how to configure squid proxy server in my (Home PC Server). I am a newbie in Linux Centos. I already installed in my system the CentOS 5.5 . Now, I want to configure it as my internet server, all of my 4 system running in Windows including the laptop I want to connect through my CentOS pc with username authentication. I assign all IP address by static. see tthe attachement in my set up. [url] I just want to know what I need to change and add in my squid config file. And how can I configure properly my CentOS with 2 LAN card as internet server.
View 1 Replies
View Related
Dec 9, 2010
Currently my DHCP Server is working now what i want to have is auto detection of squid proxy in any browser but I still got an error in my dhcp server when I restart it.
My Config:
# DHCP configuration generated by Firestarter
ddns-update-style interim;
ignore client-updates;
[code]....
View 2 Replies
View Related
Apr 7, 2009
I am trying to configure squid with Fedora 10 to use it as a transparent proxy webcache.Is there any good tutorial you would recommend to a novice?
View 1 Replies
View Related
Aug 29, 2011
I've problem with configuring transparent proxy on Fedora v13 was checking with several examples, last one from here on router (cisco 1812) everything seems ok, think there is a problem with Linux
Squid machine and router 'see each other'
Code:
While try to open web page, on GRE there is:
Code:
But when want to see what hapenning in tunnel between router and squid - there nothing...squid configuration is ok - was checking before try to make it transparent.
View 2 Replies
View Related
May 26, 2010
I am not sure whether it's possible or not. We running squid proxy server for our office. We restrict users using ACL to access the internet. There is some who do the followings:
1. Create a own proxy in there box who has the internet access.
2. Other users use those box as proxy and access to the internet.
View 3 Replies
View Related
Dec 12, 2010
My skill in fedora linux is all acquired by reading online and trial and error. I manage to set up my squid 3.0 proxy server in fedora 11. It is working smoothly as I wanted it to be. I have one client who is running bittorrent that drags all the bandwidth of our network.The problem is I cant make my server work tranparently. I want to make transparent proxy so that it can support my wireless router and I want to control the bandwidth to a fair level for everyone without them knowing.
Please somebody help me configure iptables in step by step, specifically in fedora 11. And all other necessary configuration needed to run my transparent squid 3.0 proxy in fedora 11.I know there's a lot of Linux Genius here that can help. Please help me I needed it badly.
View 5 Replies
View Related
May 1, 2009
I am using Fedora Core 9.0 and Squid Cache: Version 3.0.STABLE2 .
Now i am trying to use the squid as a proxy server but its not working its giving error like this ...
While trying to retrieve the URL: /
The following error was encountered:
Invalid URL Some aspect of the requested URL is incorrect.
Possible problems:
Here is my squid.conf
While trying to retrieve the URL: /
I have also try to forward the traffic coming on 3128 to 80 but its not working:
View 6 Replies
View Related
Mar 31, 2010
I am configuring a proxy server in my desktop, which in turn passthough a proxy ( parent proxy ). I have added following line for this
cache_peer proxy.tcs.com parent 8080 0 proxy-only default
But for parent proxy, we have to specify username and password in this line, I am confused here.
login=userassword | PASS | *assword
Here where I have to enter username and password ?
View 1 Replies
View Related
Feb 13, 2010
What is a Reverse Proxy? And what is the use of implementing a Reverse Proxy???
View 1 Replies
View Related
Aug 12, 2010
What is a Reverse Proxy? And what is the use of implementing a Reverse Proxy?
View 2 Replies
View Related
Jan 25, 2011
I have a server in a corporate data center for a project. I have an SSH access to this machine at port 22.There are some virtual machines running on this server and then at the back of every thing many other Operating systems are working. Now Since I am behind the data centers firewall my supervisor asked me if I can do some thing by which I can give many people on Internet access to these virtual machines directly. I know if I were allowed to get traffic on port other than 22 then I can do a port forwarding. But since I am not allowed this so what can be a solution in this case.
The people who would like to connect might be complete idiots.Who may be happy just by opening putty at their machines or may be even filezilla.I have configured an Apache Reverse Proxy for redirecting the Internet traffic to the virtual machines on these hosts.But I am not clear as for SSH what can I do.So is there some thing equivalent to an Apache Reverse Proxy which can do similar work for SSH in this situation.I do not have firewall in my hands or any port other than 22 open and in fact even if I request they wont allow to open.2 times SSH is not some thing that my supervisor wants.
View 8 Replies
View Related
May 26, 2010
I'm having some trouble getting Apache up and running as a reverse proxy for a site using SSL. Ideally, this Apache system will function as a web application firewall running mod_security, but first I need to get Apache running right. The system is running CentOS 5.5 and Apache 2.2. Trouble is, the web server on the back end, which is running Windows Web Server 2008 (IIS 7) requires SSL. I have been able to get Apache set up and running so that it works fine on port 80, but any secure traffic on port 443 just won't work.
So first, here's the relevant portion of the Apache config:
Code:
<VirtualHost 192.168.108.212:80>
ServerName www.server.com
ErrorLog logs/test_error_log
CustomLog logs/test_access_log common
ProxyPass / http://192.168.108.152/
ProxyPassReverse / http://192.168.108.152/
</VirtualHost>
<VirtualHost 192.168.108.212:443>
ServerName www.server.com
ErrorLog logs/test_error_log
CustomLog logs/test_access_log common
SSLProxyEngine On
SSLProxyMachineCertificateFile /etc/httpd/conf/server.pem
ProxyPass / https://192.168.108.152/
ProxyPassReverse / https://192.168.108.152/
</VirtualHost>
The server.pem was created following some steps I found online and was set up using the same certificate that's on the web server. It is formatted as so:
Code:
-----BEGIN CERTIFICATE-----
*****
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
*****
-----END RSA PRIVATE KEY-----
So, after all is said and done, Apache starts up just fine. Any unsecured requests on port 80 work just fine. Trying to use https results in an ssl_error_rx_record_too_long error in Firefox. The Apache logs show a 404 error, with the request being for /x16/x03/x01. I believe that means it's requesting SSL access on a non-ssl port, which doesn't make any sense to me, considering that I obviously do have something up on to listen on that port.
View 4 Replies
View Related
Dec 27, 2010
I have a web application running on port 8060 and requires a sub directory on the end (:8060/fisheye/). I also have apache running on port 80 and would like to redirect it to [URL].
Code:
RedirectMatch ^/$ [URL] but the port number is visible, how can I hide it?
View 3 Replies
View Related
Nov 19, 2010
I'm working on setting up a hosted OSS app on a VPS and have a question about doing some proxying. I have Centos 5.5/Apache 2.2 running on 2 VPS's, in different locations, accessible from the net. One of these hosts the app itself, the other will be used as a web portal where the end user will login to auth and then be able to access the app. Now, since I don't wan't access to the app server from the world at large, I want to firewall it and only allow access from the portal machine. So what I think I need to do is set up a reverse proxy with mod_proxy, and then if the end user auths forward them to a specific url on the app server.
So when they connect to [url] and log in I need them to be redirected to app.machine.com/theirdir
So the questions I have are:
1) Can this be done? If so, is mod_proxy the way to do it? Configuring Apache isnt a problem, but I havent worked with mod_proxy.
2) If this does work, will it also work with SSL?
3) I've seen a few small tutorials on the net, but not doing exactly what I want to. They all use the reverse proxy with a public IP connecting to a server with a private IP behind a firewall, while I have public IP's on both ends. From a network standpoint I know this shouldn't matter, but I'm not familiar with mod_proxy's particulars itself.
View 1 Replies
View Related
Aug 24, 2011
I've been struggling with this for a couple of days now. I'm trying to setup a reverse proxy with SSL. The config works when it's not using SSL, but as soon as I setup the virtualhost for 443, I get a ERR_CONNECTION_REFUSED in my browser.
The setup is that it's a CentOS 5.6 running Apache 2.2.3. I was configuring it via this guide: [URL]
This server is acting as a reverse proxy for a Windows server running Apache. Currently, I'm just trying to get the manager page from the Windows server to go through the reverse proxy. Here's the virtual host section of my httpd.conf file on the reverse proxy:
<VirtualHost *:443>
ServerName aspwebview.vtinfo.com
SSLEngine On
SSLCertificateFile /etc/httpd/ssl/star_vtinfo.com.crt
[Code]....
Thoughts? Is there anything I have to do on the Windows server (maybe in the connector section of server.xml)?
View 13 Replies
View Related
