I'm not sure if this is supposed to go here but....
I have a fully operational ClearOS box with dansguardian authentication using AD through LDAP for collection of the user name for reporting and squid serving a custom "Page Blocked" message. This is in stand alone mode with no firewall.
With all that being said I am getting a issue where once the user is not connected internally through LAN and connected through the internet using our Cisco VPN set up the sites get blocked and states that access has been denied.
Any help on this would be greatly appreciated.
Nigel
I have a fully operational ClearOS box with dansguardian authentication using AD through LDAP for collection of the user name for reporting and squid serving a custom "Page Blocked" message. This is in stand alone mode with no firewall.
With all that being said I am getting a issue where once the user is not connected internally through LAN and connected through the internet using our Cisco VPN set up the sites get blocked and states that access has been denied.
Any help on this would be greatly appreciated.
Nigel
In VPN
Share this post:
Responses (1)
-
Accepted Answer
Hi Nigel,
Just a quick note, I too had this issue, you need to edit your squid.conf file. This may not be the 'best' way to do it, but you need to add your VPN to the allowed proxy sites:
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
# Example rule allowing access from your local networks. Adapt
# to list your (internal) IP networks from where browsing should
# be allowed
#acl our_networks src 192.168.1.0/24 192.168.2.0/24
#http_access allow our_networks
# dcc mod 4th december 2009
acl a1 src 10.1.2.0/16
acl mm src 10.12.0.0/16
acl hh src 10.15.0.0/16
acl cc src 10.16.0.0/16
acl ee src 10.17.0.0/16
acl ww src 10.18.0.0/16
acl ee src 10.17.0.0/16
acl ww src 10.18.0.0/16
acl hg src 10.19.0.0/16
acl gh src 10.20.0.0/16
acl kk src 10.23.0.0/16
acl ss src 10.24.0.0/16
acl bv src 10.25.0.0/16
acl cb src 10.40.0.0/16
http_access allow a1
http_access allow mm
http_access allow hh
http_access allow cc
http_access allow ee
http_access allow ww
http_access allow hg
http_access allow gh
http_access allow bv
http_access allow kk
http_access allow ss
http_access allow bv
http_access allow cb
# And finally deny all other access to this proxy
http_access allow localhost
http_access allow pcngroup-RB pcntime-RB
http_access allow webconfig_to_lan
http_access allow webconfig_lan
http_access deny all
Hope that helps
David
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »