RE: [squid-users] Dial in users aren't hitting Squid

Are you sure you're configuring the proxy in the right place?
Tools->Internet Options->Connections, from there you can set the proxy in
two places... one is down in the 'LAN settings' button at the bottom. The
second is in the 'Settings...' button next to the dial-up accounts at the
top. You want the latter.

Bryan

If all else fails, make your squid a transparent proxy and forward all http
requests to it via routing rules.

-----Original Message-----
From: William Carty [mailto:admin@thinktankdecoy.com]
Sent: Wednesday, February 13, 2002 6:04 PM
To: Bill Updegraff; squid-users@squid-cache.org
Subject: Re: [squid-users] Dial in users aren't hitting Squid

Hi, thanks for the reply.

The problem isn't with porn blocking - that works fine.

The problem is that all of the users that dial up aren't even hitting
squid for some reason. It's like MSIE is ignoring the fact that I have
proxy settings enabled.

When I set up a box on the LAN, squid works fine - it's just when users
dial in.

Thanks.

----- Original Message -----
From: "Bill Updegraff" <bupdegraff@akbible.edu>
To: "William Carty" <admin@thinktankdecoy.com>
Sent: Wednesday, February 13, 2002 5:54 PM
Subject: RE: [squid-users] Dial in users aren't hitting Squid

> William,
>
> Is Squid by itself enough? My impression is that you will be better
served
> to add SquidGuard and DansGuardian.
>
> If you haven't done so, see
>
> http://www.cecea.org/jojo/cleanweb/#Introduction
>
> -Bill
>
>
> -----Original Message-----
> From: William Carty [mailto:admin@thinktankdecoy.com]
> Sent: Wednesday, February 13, 2002 1:31 PM
> To: squid-users@squid-cache.org
> Subject: [squid-users] Dial in users aren't hitting Squid
>
>
> I cannot figure this out & hope someone has some idea what is causing
it
> to happen...
>
> I have a squid box that dial in users are going to be using to access
> the web. It's set up to block porn / etc.
>
> Users dial in to a cisco 3640. The 3640 & the squid box are located
on
> the same physical network.
>
> If I sit at another workstation connected to the LAN that the 3640 &
the
> squid box are on - I set up MSIE to use the proxy & everything works
> fine.
>
> If I dial in & have MSIE configured to use the proxy, it bypasses it
> completely! I get no "access denied" from squid, doing a tail on the
> access log, I see absolutley no requests to squid as people are
surfing.
> It's as if MSIE is ignoring the fact that I've told it to use a proxy.
>
> The IP address pool the dialin users get their IP from is on the same
> subnet as the squid box & the router - so it should be like they're
> sitting on the LAN, too.
>
> I can't figure out why these dialin people aren't hitting the proxy.
If
> it were one machine, I'd pass it off as a problem with their set up...
> but I'm looking at about 15 people having the same problem.
>
> I've worked on this most of the day. Does anyone have any idea what
> would cause this sort of thing to happen?
>
> Here's the ACL section of my squid.conf... I don't think anything is
> wrong with it as I'm able to use the proxy from the machines on
> Ethernet...
>
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.0
> acl afam src 208.62.39.32/255.255.255.224
> acl SSL_ports port 443 563
> acl Safe_ports port 80 21 443 563 70 210 1025-65535
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
> acl porn url_regex "/etc/squid/domains.block"
> acl notporn url_regex "/etc/squid/domains.exclude"
>
> http_access allow notporn
> http_access deny porn
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow localhost
> http_access allow afam
> http_access deny all
>
>
> TIA!!!!!!
>
Received on Wed Feb 13 2002 - 16:11:03 MST