but what about the following scenario
LAN (192.168.0.*)
|
| (192.168.0.1)
PIX
^ (202.59.*.*)
/ \
/ \
(202.59.*.*) proxy internet (which i don't wanna use directly) (0.0.0.0)
|
internet (0.0.0.0)
so will it be possible now or still not? cause here what i want is to
redirect all port 80 requests to proxy server instead of going directly to
the internet
----- Original Message -----
From: "Meidinger Chris" <chris.meidinger@badenIT.de>
To: "Andrew Shore" <andrew.shore@holistic.it>; <A@B.COM>;
<firewalls@securityfocus.com>
Sent: Monday, April 03, 2006 3:21 PM
Subject: RE: pix and transparent proxy
Hi Andrew,
as far as I can tell, you're right. That config has nothing to do with
transparent caching.
Also it's for an ASA and not a PIX :(
Imran: I know of no way that you can use a 501 for transparent caching.
It's got 16 megs of ram, about 11-12 of which is taken when it's on
load. Where should the cached files be stored??
If you are thinking of a setup like:
Client
|
|
|
PIX---Proxy Server
|
|
|
Internet
Where web requests are sent transparently to the proxy server, you can't
do it on a 501. The PIX v. 6.x will *not* turn a packet around on one
interface and route it back out. With only two interfaces on a 501 (one
of which is the 4-port switch) you are out of luck on that one.
Cheers,
Chris
-----Original Message-----
From: Andrew Shore [mailto:andrew.shore@holistic.it]
Sent: Friday, March 31, 2006 4:51 PM
To: A@B.COM; firewalls@securityfocus.com
Subject: RE: pix and transparent proxy
This just enables the web interface for all internal users. Whats this
got to do with transpatent proxy? Or have I missed part of
this thread!
-----Original Message-----
From: A@B.COM [mailto:A@B.COM]
Sent: 25 March 2006 17:32
To: firewalls@securityfocus.com
Subject: Re: pix and transparent proxy
READ THE MANUAL... :-)
interface Ethernet1
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
http server enable
http 0.0.0.0 0.0.0.0 inside
