WCCP and public squid proxy

Forum|Forum|8 years ago
January 27, 2018
1 reply
9317 views

Hi folks,

I'm looking for a great config to forward all HTTP/HTTPS traffic from the LAN clients to a public squid server through a fortigate (FortiWifi 60D).

Here is a tiny view of the network :

+----------------------+ (Internet)------| Squid (IPPROXY:3129) | | +----------------------+ | | +-----------------+ | wan1 (IPWAN) | | FGT | |internal (IPLAN) | +-----------------+ | | (LAN)

The linux box hosting the squid server is dedicated and fully configurable.

IPPROXY and IPWAN are public addresses

IPLAN is a private address on LAN (kind of 192.168.xx.0/24)

Thanks for your so helpful comments and advices ;)

emnoc

New Member

Are you doing transparent?

Since you have port3129 it seems like this a explicit-proxy. if your doing WCCP and transparent , hundreds of examples exist on the internet for setting up squild and the kb/cookbooks has a few advance examples for fortigate WCCP

Ken

MightyBobAuthor

New Member

Hi,

Indeed, I'd like to have a transparent proxy and don't want to change config an all devices...

I can change the squid config as needed. If port 3129 is not the best, I can change.

Examples I've found on the cookbooks are showing the config for a squid in DMZ or in LAN... but nothing a squid outside of the network. I mean my squid proxy is hosted in a public server on the internet.

Thanks for your help.

Bob