[squid-users] Setting up proxy with private to public
Antony.Stone at squid.open.source.it
Mon Apr 13 22:10:43 UTC 2020
On Monday 13 April 2020 at 23:46:46, Chris Bidwell - NOAA Federal wrote:
> Sure. So we have a few internal networks that aren't meant to have direct
> internet access without access through a proxy so that it can be better
> regulated and monitored.
Okay, that's a useful starting point.
> We've got several internal subnets that need to be able to talk through
> squid (I've chosen tcp/8080) to connect to from internally and want to
> translate that to an external IP address that does have access to the
> outside world.
That sounds perfectly straightforward, provided your Squid server has routing
to connect back to those internal networks.
> Once again, the squid server has two IP addresses. One internal, and one
> external. The outbound traffic would be accessible through that external
So, you configure your internal clients to connect to the internal address of
the Squid machine, and tell them that the proxy is listening on port 8080.
Add the subnet definitions (if they are not 10.0.0.0/8, 172.16.0.0/12 or
192.168.0.0/16) to Squid's configuration file. If you *are* using such RFC1918
addresses, these are automatically supported by Squid and you do not need to
configure for your internal network ranges.
You don't need to do anything special to get Squid to use its external address
for the connections out to the Internet - that's handled by the Linux
> I hope I'm making *some* sense. :)
I think so.
My suggestion from here on is: install Squid, configure a test client to use
it, and see if it works.
If not, give us enough information to understand what you've done (both the
setup and the testing) so we could reproduce it for ourselves, and we'll try
to help further.
Warum können Seeräuber nicht den Umfang eines Kreises berechnen?
Weil sie Piraten...
Please reply to the list;
please *don't* CC me.
More information about the squid-users