I am trying to set up a proxy server but I am unable to do it. Here are the details of my setup.
I have one server (IBM X3800 series) and one desktop PC. The server has two network cards connected to it, eth0 and eth1. eth0 is connected to the WAN via a global IP of the 202 series and the internet is working fine on the server; I can connect to the internet. eth1 is connected to a switch, and below is the config of eth1:
IP: 192.168.2.2
Netmask: 255.255.255.0
Gateway: 192.168.2.1
Network: 192.1968.2.0
Broadcast: 192.168.2.255
I have simply installed the squid proxy using apt-get install squid. I have changed the file /etc/squid/squid.conf and added the below details:
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
acl lan src 192.168.2.0/24
http_access allow lan
and finally added these iptable rules
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to globalip:3128
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
where globalip is the IP of eth0.
Now the desktop PC is connected to server via switch and the ip configuration for Desktop pc is this
IP: 192.168.2.4
Netmask: 255.255.255.0
Gateway: 192.168.2.1
Network: 192.1968.2.0
Broadcast: 192.168.2.255
I can easily ping from desktop to server and from server to desktop. But my desktop system cannot access the internet. So I guess that the problem is with the squid. Please help me to solve this issue. If you need any other information then please let me know.
Thanks
Have you tried to ping www.google.com? If you don't get a reply, there might be a problem with your squid setup or iptables. If you can, install bind9 for DNS support. Hope it helps.
Your "gateway" is listed as 192.168.2.1, but you are trying to do a transparent proxy on 192.168.2.2.
Your "server", which has real internet access on eth0, should not be listing a gateway in the configuration for eth1, as that will then give two default gateways, one of which it's not clear can even work.
So, remove that default gateway, and set the client PC's default gateway to 192.168.2.2.
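The checks below are an added example, not part of any post in this thread: a shell script that applies the gateway points from the answer above and reports which interface each port-80 interception rule is bound to. The `ip route` and `iptables -t nat -S` samples are constructed, the 203.0.113.x addresses are placeholders for the unnamed global IP and its gateway, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example; all sample data below is constructed for illustration.
LAN_IF=eth1               # interface facing the switch, per the question
PROXY_LAN_IP=192.168.2.2  # server address on eth1, per the question
SQUID_PORT=3128

# Constructed `ip route` output; 203.0.113.1 is a placeholder WAN gateway.
SAMPLE_ROUTES='default via 203.0.113.1 dev eth0
default via 192.168.2.1 dev eth1
192.168.2.0/24 dev eth1 proto kernel scope link src 192.168.2.2'

# Constructed `iptables -t nat -S PREROUTING` output for the two rules in the
# question; 203.0.113.10 is a placeholder for "globalip".
SAMPLE_RULES='-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 203.0.113.10:3128
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128'

# Print every default route that leaves through the LAN interface. The server
# should have none: its only default route belongs on the WAN side (eth0).
lan_default_routes() {
    awk -v lan="$LAN_IF" '
        $1 == "default" {
            for (i = 2; i < NF; i++)
                if ($i == "dev" && $(i + 1) == lan) print
        }'
}

# For each port-80 rule that diverts to the Squid port, print the inbound
# interface and whether it is the LAN side. Clients arrive on eth1, so only
# rules bound to eth1 see their traffic; a rule on eth0 matches WAN traffic.
audit_intercept_rules() {
    awk -v lan="$LAN_IF" -v port="$SQUID_PORT" '
        /--dport 80( |$)/ && ($0 ~ ("--to-ports " port "( |$)") || $0 ~ (":" port "( |$)")) {
            ifc = "any"
            for (i = 1; i < NF; i++) if ($i == "-i") ifc = $(i + 1)
            print ifc, (ifc == lan ? "lan" : "not-lan")
        }'
}

# Succeeds only when a client's default gateway is the proxy's LAN address.
client_gateway_ok() { [ "$1" = "$PROXY_LAN_IP" ]; }

printf '%s\n' "$SAMPLE_ROUTES" | lan_default_routes
printf '%s\n' "$SAMPLE_RULES" | audit_intercept_rules
client_gateway_ok 192.168.2.1 || echo "client gateway 192.168.2.1 is not $PROXY_LAN_IP"
```

On a live server, pipe the real output of `ip route` and `iptables -t nat -S PREROUTING` into the two functions in place of the samples.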
I was also receiving the same error, but here is how I solved it: assign a different network to each NIC (network interface card).
Suppose you assign a 192.168.1.IP address to eth0; then you must assign 192.168.2.IP to eth1. You can use 192.168.2.IP or any network other than the one that is assigned to eth0, that is 192.168.1.IP.
Suppose eth0 is connected to the router: it must have the router's IP as its gateway. Suppose eth1 is connected to the switch through which the client machines are connected: the IP of the proxy must be entered in the proxy configuration in the browser.
Also uncommented net.ipv4.ip_forward=1, which is present in the /etc/sysctl.conf file; save the settings and reboot.
Confirm on the server that the ping is received by entering ping www.google.com from the squid server, and check if the internet is working. Ping the IP of eth1, that is the NIC which is connected from the switch to the clients' PCs: ping the IP of eth1 from the client terminal.
Your IPs are 2.2 and 2.4, which are in the same network; better change the IP of eth1 to 192.168.3.IP, or replace the number 3 with any number other than 2. There is no need to enter a gateway on eth1, but the broadcast address also changes: suppose you selected 192.168.3.IP for eth1, then the network is 192.168.3.0 and the broadcast IP is 192.168.3.255.
Below is my configuration
(LAN card is connected to the switch and the clients are connected to the switch)