Re: [fw-wiz] PIX Transparent proxy
From: Kevin (KKadow_at_gmail.com)
To: Juan Pablo Feria <firstname.lastname@example.org> Date: Fri, 22 Oct 2004 22:58:05 -0500
On Fri, 22 Oct 2004 12:13:38 -0700, Juan Pablo Feria
> I want to use "Transparent proxy" with a PIX using squid cache
Are you looking to use the Squid cache for caching?
Do you have the option to reconfigure the clients to use an explicit
configured proxy instead?
> on the squid documentation tells about routers, but the configuration
> commands are not on the pix...
> On pix documentation appears commands to communicate with Websense and
> other commercial products...
IIRC these options are for passing URLs (only the URL, not the
session) to a remote filter service which will return a simple
permit/deny response code. This is sufficient for filtering, but does
not help at all in caching.
> Anyone has any ideas to send the port 80 requests to the squid box?
I do not believe PIX offers this functionality.
Cisco routers offer two distinct optiions which will assist in
deploying a "transparent" caching proxy -- route-map (to re-route
packets to a cache based on the port, protocol or any other ACL match)
and Web Cache Communication Protocol (WCCP).
So if you had a router that supports either of the above features, you
could configure the router to re-route the packets to the Squid
server, but PIX is not a router, and does not offer these routing
firewall-wizards mailing list