Roland, List
Use the RH firewall, dialup or not. I did the migration for my company
using the following steps, hopefully you find this helpful.
1st Machine is NT4 + MS Proxy, everyone uses to get to internet, address is
10.0.0.2
Setup a RH 7.3 box with iptables at 10.0.0.1
Modified DHCP to set 10.0.0.1 as gateway, not 10.0.0.2.
As machines on the network got new/renew addresses they moved over to the
new gateway with no BS proxy. I then had to double check each windows box,
config IE, and remove the stupid proxy client, but it wasn't that bad. It
took one week to get everyone migrated.
/B
----- Original Message -----
From: "Roland van Oostveen" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, January 05, 2003 13:26
Subject: RE: Accessing the internet through MS Proxy Server 2
> Hi,
>
> I changed the authentication in IIS (Console Manager) and this did the
> trick. I can now get out to the Internet from my RH7.2.
>
> Thank you to all who came up with suggestions.
>
> Eventually I will be moving my gateway to another machine (Win2000 or RH)
> but am still looking at the migration possibilities and trying to decide
> which would be the least disruptive.
>
> Thanks again.
>
> Roland van Oostveen
> Narnian MicroComputer Services
> Web Site: http://narniancomputer.com
> Email: [EMAIL PROTECTED]
> Phone: 905-986-0221
> Fax: 905-986-0221
> Cell: 905-767-5993
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Jeffrey Tadlock
> Sent: January 5, 2003 2:25 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Accessing the internet through MS Proxy Server 2
>
>
> On Sun, Jan 05, 2003 at 09:53:34AM +0800, Edward Dekkers wrote:
> > > Another issue is that MS proxy uses NTLM (NT Login Manager) to
> > > authenticate you onto an MS Proxy. With IE your login Info is sent
> > > through transparently, but a Unix browser does not have this facility.
> >
> > No way to turn that off?
>
> It has been a long time since I have worked with MS Proxy Server
> 2.0. By default it does want to use NTLM to authenticate you,
> but I also believe you can allow it to use Basic authentication
> which would allow Mozilla, Netscape, etc to work with the Proxy
> Server.
>
> I think to change this on the Proxy Server you have to make the
> configuration change under the default web site in IIS and check
> off Basic as an authentication type.
>
> > There's no way the original poster can use an MS proxy server on Linux?
>
> The above steps should allow a non-MS web browser to work through
> the MS Proxy Server. One thing to keep in mind though is that
> other non-web based services need the MS Proxy client to be able
> to use the Proxy service for access to the Internet. (this
> includes telnet, ssh, smtp, etc.). There is not a Proxy Client
> for non-MS machines.
>
> If the original poster must use an MS product then one could
> upgrade to MS ISA Server which allows clients on the local LAN to
> become NAT clients bypassing the need for a Proxy client.
>
> I myself would replace the MS Proxy server with a Red Hat box
> with IP Masquerading and Squid. In the end it allows a much more
> tuneable config.
>
> Hope this helps!
>
> /jft
>
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
>
>
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list
