Hi Amos,
Just wanted to follow up on this saying thanks for taking the time to reply.
Cheers.
Regards,
A. Benz
On 11/11/17 09:54, Amos Jeffries wrote:
On 11/11/17 14:03, Amos Jeffries wrote:
On 11/11/17 01:05, A. Benz wrote:
Hi Amos,
Thanks for your continued support.
1.
Do you mean the VPN exit point has that 10/8 IP address? or that
the traffic from the client is altered to be going to that IP
before it reaches Squid?
The latter is broken because it destroys the original dst-IP values
on the TCP connection. Which Squid needs to setup the server
connection.
Let me put it as an example:
From the normal internet: mail.amosprivateserver.org > publicly
accessible IP.
From my place: mail.amosprivateserver.org > 10.x.x.x (corporate
network, accessible only from within the place).
Anyways no worries about this! I decided to make an exception in the
redirect rule, so that if the outgoing traffic matches the IP
10.x.x.x then the firewall will not redirect the traffic to squid
and instead establish a connection directly.
This is not ideal, but it works.
Or have Squid relay everything through the same server(s) and
the server do the distinguishing between traffic and just relay
everythign to the same
Damn that sounds daft.
What I meant to write was:
Or have Squid relay everything through the same server(s) and
the server do the distinguishing between traffic .
Or setup a cache_peer and have the traffic with src IP of the internal
clients going to that domain sent there.
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
