Hi I want to allow a Bluecoat SG device to act as a proxy for users in a remote office where the WAN link is not that great, it seems about 50% of the traffic over this link is HTTP. I am having troubles making this work and I think it's in part due to the the location of the Squid server in relation to the SG device The Squid server sits in the DMZ on the 192.168.1.0 network, the remote subnet that the Bluecoat sits in is 192.168.201.0 Now by design anything going thru to the Squid proxy passes thru a Cisco PIX Firewall, so as a result NAT is taking place so anything coming from the Bluecoat will be NAT'd, or any hosts within my LAN for that matter I assume it should be just a matter of poking a hole in the PIX saying anything from the Bluecoat on 192.168.201.2 pass it on to the Squid proxy on 192.168.1.11 For the purpose of the test I am going to open up all ports and then tighten up once I have a proof of concept What do I need to do on the Squid proxy so that there is no authentication attempts by the Bluecoat. At the moment as requests to the Squid proxy are made via NTLM (Winbind) you need to be an authenticated user and part of a Windows NT group to gain access to the internet Any suggestions would be most welcome =20 Scott
