owaisberg Wed, 03/28/2007 - 06:06
User Badges:


Best practices when running your LAN on proxy


CLIENT portion:

1. All clients IE configured with Proxy IP

and allowed to reach Proxy only for

HTTP/S, FTP and possible other protocols

that can be supported by proxy

2. All DNS clients query local DNS server

only to get external names resolved


1. Only Proxy allowed out for HTTP/S, FTP

and other protocols used by clients

against proxy

2. Only DNS server allowed out for name

queries and zone transfers (TCP/UDP:53)

Having setup above implemented will allow

you to have you clients to go to the Internet through the Proxy only and at the same time Proxy will have connectivity to

serve the clients.



*Please rate all usefull posts

owaisberg Wed, 03/28/2007 - 15:10
User Badges:

It is best to have proxy on the same

subnet of internal interface of the

firewall (LAN), this way you need to cross firewall only once on a way out.



* Plz rate all useful posts


This Discussion