Re: [squid-users] Authenticated Chaining with M$ ISA Server

From: Christoph Haas <[email protected]>
Date: Mon, 19 May 2003 19:12:08 +0200

On Mon, May 19, 2003 at 05:16:26PM +0100, Adam_Humphreys@JLTGROUP.COM wrote:
> I'll freely admit I'm a hopeless newbie with both Linux AND Squid. But I'm
> trying to learn, so please be gentle ;o)

;)

> I want to configure Squid as the child cache in a chain with and ISA cache
> as the parent. The child will proxy intranet and Internet requests, with
> only Intranet requests going to the ISA server. The ISA Server requires
> users to authenticate against the Windows 2000 Active Directory domain.
>
> The Squid server is Red Hat Advanced Server 2.1 with Squid 2.4 R7 and my
> questions are:
>
> 1) Is this configuration possible?

IMHO yes.

> 2) Do I need Apache to run Squid?

No. Apache is a web server. Squid is a (web) proxy. Your client will use
the proxy to fetch the web page from any web server. The proxy stands
between the client and the web server.

> 3) Do have to configure any daemon or Squid to pass through the user
> authentication for Internet requests?

No. You can select a parent cache (see "cache_peer" in the squid.conf)
which will be the ISA server in your case. In addition you can tell
Squid when to use the parent (see "always_direct" and "never_direct").
Only one proxy instance can do the authentication. IIRC any member of
the proxy chain can do that.

> 4) To keep the Linux build minimal, what are the minimum things that need to
> be loaded?

Hmmm. I used a package of my distribution (Debian). Is there no package
for yours?

> Sorry for any idiotic terms or questions, but I'm trying! Any pointers in
> the right direction would be appreciated.

I wish I had been that eloquent when first touching Linux. :)

> The content of this e-mail (including any attachments) as
> [...]

Although off-topic I like to invest my two cents here. Disclaimers in
emails are not valid in a form of a contract. Tell that to your boss.
Plus a one-screen-large disclaimer is a little annoying.

 Christoph

-- 
~
~
".signature" [Modified] 3 lines --100%--                3,41         All
Received on Mon May 19 2003 - 11:12:12 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:16:45 MST