Frank Bonnet wrote:
Hello
Actually I use a very simple config with squid
every machine into our LAN has proxy access
the acl is IP address based.
it works
Now I would like to let our users use our proxy from the
Internet through the LDAP AUTH mechanism.
I have configured both configs separately and iot works fine
but I never MIXed them is it possible on the same squid server ?
Yes I use IP-based for cabled clients, login for Wifi and External clients.
All you have to do is place your ACL checks in the right order
http_access allow localnet local-ip-test
http_access allow !localnet remote-auth-test
Or, as I do you might let the auth-test work for clients anywhere by
omitting the "!localnet" part of that access line. So local users
connect by IP but unknow/newly-assigned IP can still auth until they get
fixed up.
Amos
--
Please use Squid 2.6STABLE17+ or 3.0STABLE1+
There are serious security advisories out on all earlier releases.