[squid-users] Logging of 'indirect' requests, e.g. involving NAT or VPN
Henry S. Thompson
ht at inf.ed.ac.uk
Fri Jun 26 11:20:00 UTC 2015
Antony Stone writes:
> Imagine the following setup:
>
> Organisation has a bunch of servers (maybe at their office in a
> server room, maybe in a data centre, doesn't matter which), some of
> which have public IPs, but all of which have private IPs on an
> internal subnet (for system management purposes, aside from anything
> else). One of these servers is the squid proxy. Another server is
> the VPN endpoint for remote client machines.
Got it, makes sense, thanks.
> Remote client connects to public IP of the VPN server, gets assigned a
> 192.168.x.y address. Remote client is configured to use the Squid proxy
> server. When it does so, its request (from 192.168.x.y) is routed from the
> VPN endpoint to the Squid server (they can talk directly to each other because
> they're both on the same subnet, no NAT involved) and the Squid server then
> sends the request out to the Internet to fetch a web page.
>
> The client IP logged by the Squid server in this scenario is 192.168.x.y
Thanks, that helps a lot.
> I repeat my recommendation - pick one of the 192.168.m.n addresses
> you're seeing in the log files and ask whoever looks after this
> network which machine has that address (or at least, what that
> subnet range is used for)
Will do.
ht
--
Henry S. Thompson, School of Informatics, University of Edinburgh
10 Crichton Street, Edinburgh EH8 9AB, SCOTLAND -- (44) 131 650-4440
Fax: (44) 131 650-4587, e-mail: ht at inf.ed.ac.uk
URL: http://www.ltg.ed.ac.uk/~ht/
[mail from me _always_ has a .sig like this -- mail without it is forged spam]
More information about the squid-users
mailing list