On 27/05/21 8:43 pm, simon ben wrote:
Dear All,
I have the below setup running perfectly for a couple of years
Centos 8 X64
squid-4.11-3
configured in explicit mode so all client machines have the proxy IP
configured in their browser
Recently we have got a security cloud solution which requires the source
IP of the client machine
Okay. Have you looked into the ways it will accept that IP address?
Does it actually require direct connections from each client?
In that case you need to use TPROXY feature.
Otherwise,
You may be able to simply send a custom header containing the client's
IP. "Forwarded:" is the standard header for that use, there are also
many application-specific headers names around.
Since I have to configure the squid in transparent mode so the client
source IP is visible and as required for transparent mode config i need
to change the gateway to my squid server IP .
1 ) Is there any way so that I retain the source client PC IP in the
current setup ????
Please define "retain".
2 ) if only way possible is by reconfiguringĀ my current proxy to
transparent mode then if there is some way without changing the client
pc Gateway
Right Now the default gateway of the client PC is our Core switch vlan
ip address.
Any commercial router should provide capabilities to *route* client
packets to Squid machine and Squid's outbound to wherever they need to go.
Note that doing it this way can *double* or even triple the amount of
traffic load that switch is handling when Squid is in the same subnet as
the clients.
Amos
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
