Posted by: alessandro.panzetta
DansGuardian, ISA Server, IT support, SARG, Security, Squid, TLBAT, VMware
In this article I’ll explain how you can have your proxy server and content filtering for your network absolutelly for free allowing you to save at least 1600 USD (Microsoft ISA 2006 Standard Edition)!!
We will use the free VMWare Server and the Squid Proxy + DANS Guardian appliance. The appliances are precompiled and configured virtual machines for the VMWare Server/player that you can download from the VMWare site and that you can “mount” and, with little effort, use in your environment. In addition to the proxy/content filtering machine you may like to add a report generator so you can always have nice reports showing blocked sites/users/ip addresses and more, this good tool is called SARG
The scope of this article is to have a solid proxy server and a content filtering for internet browsing so you can both masquerade your network clients and provide a caching solution that can ease the clients’ surfing experience. In addition you can have a content filtering where you can block/allow access to sites and contents soyou can have a complete control on where/when/what your client computers can do on the Internet.
Install the VMWare Server and place the file of the appliance that you just downloaded in a directory that you prefer (normally it is C:\Virtual Machines) . Open the VMWare Server Console and choose File/Open, browse your computer where you saved your file before; this will add the virtual machine to the inventory.
Start the machine and follow all the steps requested during the startup process.
Once that the vm has started login with user=root and password=proxy2006 then change password by issuing the passwd command:
At this point you can configure your IP address (first you have to configure the VMWare Virtual Networks). To do so you have to:
- Login to the VMachine
- Issue the ifconfig eth0 command
- Read the inet addr value and use it in your internet broswer (Example https://192.168.0.100:10000)
At this point in your internet browser you will have the web interface (Webmin) to the system where you can manage every single setting, from the network configuration, to the startup levels and so on.
I suggest you using the Webmin interface if you are not really familiar with Linux commands or Putty if you want to access the system via SSH console.
At the beginning the content filtering could be really restrictive, I suggest you testing the sites you want to be listed/banned and check/configure the groups (Ex. /etc/dansguardian/bannedsitelist).
After you have configured all the VM settings, the DANS Guardian and so on you are ready to test and implement your solution…we spent about 1/2 hours but saved lots of bucks!!