On 12.11.15 18:59, christian.bufacchi@xxxxxxxxxx wrote:
We have implemented a SQUID proxy between our clients and a Watchguard
firewall, the which contains user access rules based on our MS Active
Directory.
So we currently have the following flow : Client => SQUID proxy =>
Watchguard => Internet.
At the moment, the Watchguard only receives (sees) the IP address of the
SQUID server. No information from the client is forwarded. The clients are
currently able to access the Internet thru the Firewall because we have
the access to this IP adress.
We would like the SQUID server to forward the client user ID (MS Windows
profile) to the Watchguard in order to apply more specific and detailed
access rules that have been defined in the Watchguard at user level.
I think it would be better to change the processing:
clients => watchguard => squid.
This should help in situations where access rules change so squid wouldn't
cache "denied" pages. I could also help setting up different rules for
different users and/or different times.
Also, watchguard would see clients.
--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Boost your system's speed by 500% - DEL C:\WINDOWS\*.*
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
