On Thu, Dec 28, 2000 at 07:39:56PM +0900, Henry Nelson wrote:
> Our school recently connected the web proxy up to a high speed line,
> but when I tried to use it from within the firewall for our lab, I
> couldn't connect.  Since "pass in/out from any to any" in ipf.conf
> still doesn't allow a connection to the http proxy (Squid?), I am
> suspicious of ipnat, but I haven't hit on anything yet.  There doesn't
> seem to be an internal http proxy like there is for ftp.
> 
> How does one use an external http proxy from within a firewall? Clients
> inside the firewall can still connect directly with web sites, but I'm
> afraid the school eventually is going to force all traffic through the
> proxy, so I want to be ready for that.  TIA.

A connection to a proxy is just like a connection to a http server.
So I suspect a problem on the proxy side.
One thing you could try is to connect to the proxy using telnet:
telnet <proxy_name> 3128
assuming the proxy port is 3128

If it successfully connects you can try to retrive a page:
GET http://www.netbsd.org/ HTTP/1.0

(you need to press enter a second time after entering the line)

--
Manuel Bouyer, LIP6, Universite Paris VI.           Manuel.Bouyer@lip6.fr
--