Hi Alessandro,
Transparent proxy will not be useful for HTTPS connections.
To handle HTTPS you'll need not-transparent proxy.
Provisioning users / computers, you should give more information about
the OS those users are using.
In our environment, I have about 400 workstations running windows, and I
do handle all through a single server running FreeBSD with squid,
negotiate kerberos auth to Active Directory and digest authentication
over LDAP to AD too.
I do provision the users proxy settings with GPO (group policy objects)
and proxy auto-configuration as Sven mentioned.
I had two servers running carp before, after that I had two servers
using DNS round robin. Windows (didn't try other OSes, it should be the
browser that handles the fialover) seems to work with the DNS for the
proxy, if one of the hosts is down, IE and Firefox was able to fail over
to the second host. I didn't test with other browsers.
Cheers,
Rosen
Alessandro Baggi wrote, On 3/10/2013 5:38 AM:
Hi list,
I'm plannig to setup a squid proxy for a network with about 120 User.
I have not great experience with proxying network that has over 20 user.
For this scenario, is better transparent or not-trasparent proxy?
I've searched on the web but can't get real experience pros and cons
with these two type of method.
Someone has expirience about using trasparent vs not-trasparent proxy,
problems found with these two method, ecc?
Another question is about DansGuarding. More people say that seems to
be dead. It's true?
Thanks in advance.
