I'm using the ASL 3.202 ver., I have a question about the proxy service. Do I need to turn both socks and http proxies together to provide the proxy service?
depends on your needs. if you just want to browse the web and do some ftp, the HTTP proxy does the job. if HTTP is not enough for some applications, use socks.
I would prefer masquerading (instead of socks) whenever possible. With socks you'll open the net for your users .. without any possibility to limit it to special ports.
ICQ cannot. It works best if you tell it to use the SOCKs proxy. If you don't want to use socks, you'll have to open a LOT of ports and tell ICQ it's behind a NAT firewall, but it will be very unreliable.
Thanks a lot! One more question, on my firewall setup I put 3 nics on it. Two public IPs and one private IP. One of pubic nic connects to the internet router and one to the DMZ. The private one and the internet nics both work fine after I configured the http proxy...,but the the other nic with public IP failed. I found it with the IP spoofing. How can I resolve? The DMZ zone I point the gateway to the ASL firewall, is that right? But I can't ping the firewall at all..please help!
Thanks a lot! One more question, on my firewall setup I put 3 nics on it. Two public IPs and one private IP. One of pubic nic connects to the internet router and one to the DMZ. The private one and the internet nics both work fine after I configured the http proxy...,but the the other nic with public IP failed. I found it with the IP spoofing. How can I resolve? The DMZ zone I point the gateway to the ASL firewall, is that right? But I can't ping the firewall at all..please help!
In you webadmin go to "Network -> DNAT/SNAT" and add a masqarade rule. Masq internal network on WAN Interface. You needn't even tell icq to use a proxy. It works perfekt like that.
