[squid-users] User linked to static unique outbound address
Milan
milan at serveo.nl
Thu Nov 11 11:11:18 UTC 2021
Hi Guys,
Currently I’m trying to setup a SQUID 4.11 proxy for approx 100 users, which should be assigned to static outbound IP. The inbound IP address should not be filtered / checked. Following multiple topics and the documentation I did setup the following configuration. Yet seemingly I keep running into non-functioning of the intended configuration. Basis Idea is as followed:
user1 > 199.199.199.2 (outbound address)
user2 > 199.199.199.3
user3 > 199.199.199.4
user4 > 199.199.199.5
etc...
Hence I filled /etc/squid/userip.conf as followed:
###
199.199.199.2 user1
199.199.199.3 user2
199.199.199.4 user3
199.199.199.5 user4
###
With the following configuration file /etc/squid/squid.conf:
###
acl http proto http
acl port_80 port 80
acl port_443 port 443
acl CONNECT method CONNECT
auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwords
auth_param basic realm Please enter username and password
acl authenticated proxy_auth REQUIRED
external_acl_type userip %MYADDR %LOGIN /usr/lib64/squid/ext_file_userip_acl -f /etc/squid/userip.conf
acl userip external userip
http_access allow userip
http_access deny all
http_port 3128
acl ip1 myip 199.199.199.2
tcp_outgoing_address 199.199.199.2 ip1
acl ip2 myip 199.199.199.3
tcp_outgoing_address 199.199.199.3 ip2
acl ip2 myip 199.199.199.4
tcp_outgoing_address 199.199.199.3 ip3
acl ip2 myip 199.199.199.5
tcp_outgoing_address 199.199.199.3 ip4
EOF
###
So far I tried both “external_acl_type userip %MYADDR” & "external_acl_type userip %SRC” yet I keep running into this error and the proxy does not to functioning:
1636498565.031 0 xx.xxx.xxx.xxx TCP_DENIED/407 4186 CONNECT xxx:443 user1 HIER_NONE/- text/html
Anyone knows how to solve this matter? Your input would be much appreciated!
Please advice, thanks!
Best,
Milan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20211111/ef798a1b/attachment.htm>
More information about the squid-users
mailing list