[squid-users] User linked to static unique outbound address

Milan milan at serveo.nl
Mon Nov 15 17:09:02 UTC 2021 

Hi,

Never mind, we found a different solution.

Cheers,

Milan 

> On 11 Nov 2021, at 12:11, Milan <milan at serveo.nl> wrote:
> 
> Hi Guys,
> 
> Currently I’m trying to setup a SQUID 4.11 proxy for approx 100 users, which should be assigned to static outbound IP. The inbound IP address should not be filtered / checked. Following multiple topics and the documentation I did setup the following configuration. Yet seemingly I keep running into non-functioning of the intended configuration. Basis Idea is as followed:
> 
> user1 > 199.199.199.2 (outbound address)
> user2 > 199.199.199.3
> user3 > 199.199.199.4
> user4 > 199.199.199.5
> etc...
> 
> Hence I filled /etc/squid/userip.conf as followed:
> 
> ###
> 199.199.199.2 user1
> 199.199.199.3 user2
> 199.199.199.4 user3
> 199.199.199.5 user4
> ###
> 
> With the following configuration file /etc/squid/squid.conf:
> 
> ###
> acl http proto http
> acl port_80 port 80
> acl port_443 port 443
> acl CONNECT method CONNECT
> 
> auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwords
> auth_param basic realm Please enter username and password
> 
> acl authenticated proxy_auth REQUIRED
> 
> external_acl_type userip %MYADDR %LOGIN /usr/lib64/squid/ext_file_userip_acl -f /etc/squid/userip.conf
> 
> acl userip external userip
> 
> http_access allow userip
> http_access deny all
> 
> http_port 3128
> acl ip1 myip 199.199.199.2
> tcp_outgoing_address 199.199.199.2 ip1
> 
> acl ip2 myip 199.199.199.3
> tcp_outgoing_address 199.199.199.3 ip2
> 
> acl ip2 myip 199.199.199.4
> tcp_outgoing_address 199.199.199.3 ip3
> 
> acl ip2 myip 199.199.199.5
> tcp_outgoing_address 199.199.199.3 ip4
> EOF
> ###
> 
> So far I tried both “external_acl_type userip %MYADDR”  &  "external_acl_type userip %SRC” yet I keep running into this error and the proxy does not to functioning:
> 
> 1636498565.031      0 xx.xxx.xxx.xxx TCP_DENIED/407 4186 CONNECT xxx:443 user1 HIER_NONE/- text/html
> 
> Anyone knows how to solve this matter? Your input would be much appreciated!
> 
> Please advice, thanks!
> 
> 
> Best,
> 
> Milan
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20211115/8e47c38c/attachment.htm>

More information about the squid-users mailing list