EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Saturday 21 December 2024, 04:56:43 pm
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
The Latest Endian Firewall is now available for download
HERE
14262
Posts in
4377
Topics by
6517
Members
Latest Member:
Sandro
Search:
Advanced search
EFW Support
Support
EFW SMTP, HTTP, SIP, FTP Proxy Support
use only proxy server
0 Members and 2 Guests are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: use only proxy server (Read 32377 times)
supportov
Jr. Member
Offline
Posts: 1
use only proxy server
«
on:
Saturday 30 July 2011, 11:16:26 pm »
Hi all,
I would like to use only the proxy server part from endian, i already have a router that is gateway , i have installed Endian 2.4.1 , and i would like all http traffic to go to the proxy server on my endian. Is there a way i can route the trafic to the proxy server.
Thanks,
Logged
Milkwerm
Jr. Member
Offline
Posts: 6
Re: use only proxy server
«
Reply #1 on:
Thursday 04 August 2011, 07:53:04 am »
This is exactly how I use my Endian install. just install with one NIC (RED) and set it to gateway in the network settings pages.
Although I'm hunting around now for a content filter capable of Kerberos authentication due to the number of Win7 and server 2008R2 installs were pushing out. Modifying reg keys to enable ntlm v2 on all these boxes is a pain.
(and yes I could do it with Group preferences, but I'd rather do it using the correct mechanisms for the new OS's
)
Logged
mrkroket
Hero Member
Offline
Posts: 495
Re: use only proxy server
«
Reply #2 on:
Thursday 04 August 2011, 09:26:29 am »
Endian can use proxy http content filter.
You just connect to your active directory, and create rules with groups.
And it works, all http/https traffic goes via proxy and get logger by user.
Logged
Milkwerm
Jr. Member
Offline
Posts: 6
Re: use only proxy server
«
Reply #3 on:
Wednesday 07 September 2011, 02:18:12 pm »
I already have mine doing NTLM authentication via AD. what I want is native Kerberos support. MS has moved on from using NTLM as its main auth mechanism. A default Windows7 install will never get out though the proxy on a ENDIAN box (that has AD auth turned on) because of the lack of Kerberos support. Squid most definitely supports it as I have build a Debian/Squid3 box that worked, unfortunately finding a content filter with kerberos support is proving problematic (Dans Guardian has no immediate plans for it sadly).
Logged
mrkroket
Hero Member
Offline
Posts: 495
Re: use only proxy server
«
Reply #4 on:
Thursday 15 September 2011, 04:58:28 am »
A default Windows7 install will never get out though the proxy on a ENDIAN box (that has AD auth turned on)
I was writing this just with Win7 using non-transparent proxy...
I'm using Windows Server 2008 R2 as Active Directory, and I can use non-transparent HTTP proxy without problems, using NTLM auth.
I didn't change anything on either Win7 boxes or Windows 2008 R2 DC.
What I indeed change on 2.4.0 was some packages to allow Windows server 2008 R2 AD:
http://www.efwsupport.com/index.php?topic=1949.0
Logged
Milkwerm
Jr. Member
Offline
Posts: 6
Re: use only proxy server
«
Reply #5 on:
Thursday 29 September 2011, 12:56:49 pm »
Thanks mrkroket, I will have a play around with that.
Although mine was built in a 2k3 domain that is now mixed mode 2k3/2k8r2 DC's so it has always worked until I added the win7 clients.
I found that i had to edit the registry on Win7 to change the NTLMv2 settings before the browser would authenticate. never thought to check the Squid version after that.
Logged
mrkroket
Hero Member
Offline
Posts: 495
Re: use only proxy server
«
Reply #6 on:
Friday 30 September 2011, 02:36:04 am »
As you say you can always deploy the reg tweaks via GPO. This should be a one step update for all machines in your domain.
It's minor issue if with that works correctly.
Logged
fobe
Jr. Member
Offline
Posts: 2
Re: use only proxy server
«
Reply #7 on:
Friday 13 January 2012, 03:14:35 am »
Hi All,
I'm using EFW Community 2.5 but I'm unable to choose only the "RED" interface. I can use 1 NIC but then the "Wizard" is asking for a second RED NIC and also the RED NIC is then the same network as the GREEN NIC.
Could someone tell me how to accomplish to have Endian FW 2.5
only
as webproxy?
Logged
mrkroket
Hero Member
Offline
Posts: 495
Re: use only proxy server
«
Reply #8 on:
Friday 13 January 2012, 04:17:45 am »
You can create a "fake" RED interface, a RED gateway interface. Create it on Network->Interfaces->Uplinks, an uplink of type Gateway.
Logged
fobe
Jr. Member
Offline
Posts: 2
Re: use only proxy server
«
Reply #9 on:
Friday 13 January 2012, 04:51:38 am »
thanks for the fast reply & help, it's working now
Logged
davvidde
Full Member
Offline
Gender:
Posts: 68
Re: use only proxy server
«
Reply #10 on:
Monday 23 January 2012, 02:09:05 am »
I have an Endian 2.2 box (I know, I'm late yet) with the above config (one NIC, proxy server not transparent, dansguardian + AD 2000/2003 mixed) and I deployed with GPO the "LmCompatibilityLevel" registry key which permits in the Win7 Clients the authentication to the NTLM module in Squid/Endian.
Do Anyone know, if I upgrade to EFW 2.5, the Win7 Clients may authenticate without the "downgrading" of LMCompatibility Level?
Thanks
Davide.
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.125 seconds with 19 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com