Davide Bianchi wrote: >Use your local firewall to implement a transparent proxy, configure each >local proxy to forward his request to the main proxy on a special port, >filter on the main proxy with that port only and implement certificate >authentication between the local and the central proxy. See the >documentation of the proxy server. DO NOT USE apache for this. > >An alternative is to implement a VPN between the local offices and the >central one and have the proxy only talks over the VPN. Yes, the local firewall is a transparent proxy using a special port which is filtered at head office. As the local offices are international I was reluctant to employ SSL technology because of the associated import/export restrictions. Also, I'm not sure why you emphasise not to use Apache. A VPN would be nice, but some of the connectivity will be via limited bandwidth satellite connections, so I do not see this as a way forward. Dave --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|