Solutions for Linux Desktops using NT Proxy? 18
prac_regex asks: "I'm both lucky and unlucky. Unlucky that im in an NT proxy environment, but lucky that I am able to use Linux at work for all of my work requirements. I can talk to the file servers via Samba and get email from our exchange server via kmail, but for things that require talking to servers outside the proxy, I fail for nearly everything but web-browsers. My question is what solutions exist to communicate to the NT servers for applications that may or may not have proxy settings? Even things like xchat --with-socks I cant get to work. the NT server simply seems to ignore me. I know microsoft does make things difficult for everyone that doesnt use windows, but Im sure people have solved this. My goal in the longrun is to get the proxy off NT but in the meantime..."
I think you're out of luck... (Score:2)
My solution was to set up a UNIX proxy server using squid, but that really didn't solve everything. Eventually, I got a job at an Internet company where I could make the rules. Much better that way!
Brad Johnson
--We are the Music Makers, and we
are the Dreamers of Dreams
Out of luck, but investigate SOCK (Score:2)
Since this client is obviously not released for any other platform than Windows, you're out of luck. It's a shame since, beside being locked to Windows, MSP is great. That's the only proxy that I know of that can transparently forward ANY application, log connection and is able to tunnel TCP/IP application connection through IPX (yes! TCP/IP over IPX !!!).
One way around it might be to install some kind of NAT software on a Windows box that has the proxy client installed, then route through it. May require some voodoo to work.
You should also investigate SOCKS support of MSP. I am pretty darn sure they add it to 2.0 (I admined 1.0).
Easy: (Score:1)
Good Luck... (Score:2)
Makes you kind of sick and just cements the notion in my head that MS software needs to be banished from my computers like the cancerous disease it is.
I used to admin a network of macs. When i arrived, they were behind a MS Proxy Server firewall. so no FTP access etc.
I replaced it with a 486-based Linux router that ran off a single floppy. Never skipped a beat, supported all proxy services the MS Proxy did and let the Macs use ftp etc. I use my linux box at home to do the same thing, although there is only one machine behind it.
In my current job, i am also behind an MS Proxy firewall, so when i try and run the BeOS to test it, i can't surf the web or anything. I have a linux box on my desk too, which is also cut off from the outside world.
Unfortunately everyone else in the office uses Windoze, so theyre not too happy with the idea of me replacing the Proxy Server, and our sys admin refuses to contemplate the idea of actually becoming competent with TCP/IP networking or any of the other technologies he works with every day, instead relying on the Microsoft 'Tools' to muddle through.
The only thing Proxy Server does that an ipchains-based setup won't is to forward HTTP packets based on the URL in them - i.e. you can have all requests for 'http://myorganisation.com/images/' sent to one server, and all requests from 'http://myorganisation.com/html/' sent to another server.
Quite nifty, but i'm sure there are free alternatives for this type of thing. I know there are commerical BSD-based firewalls that do this very well.
MS poxy (Score:2)
MS Poxy supports the usual CERN http/ftp proxy stuff.
MS Poxy also has a proprietary proxy protocol that only works with their (vile) Windows client.
MS Poxy also supports Socks 4, but not Socks 5. Ask your admin guys about the settings, and try and find a Socks 4 client for whatever you're doing. I've gotten Mirc to work over Socks 4, so it can be done...
The proxy documentation is probably hidden somewhere on the MS web site, or if your admin guys are co-operative it's also on the CD.
Re:MS poxy (Score:1)
Re:Out of luck, but investigate SOCK (Score:1)
Most gopher sites say something like "See our web page at HTTP://..."
But some of the die-hards are still there! Smithsonian, MIT etc!
Tunnel (Score:2)
A wealthy eccentric who marches to the beat of a different drum. But you may call me "Noodle Noggin."
Authentication... (Score:1)
Re:Authentication... (Score:1)
It sounds as if you're referring to "NT Challenge/Response authentication", which is the default. Apparently there's some proprietary messaging with IE. There are MS KB articles about it: Q245237 [microsoft.com] - "Configuration to Enable the Netscape Browser to Function Properly in a Proxy 2.0-Based Environment", although the proper choices in the IIS configuration menus is not obvious. There are other KB articles, but this seems the most helpful.
I haven't tried this... (Score:1)
Take an NT workstation with the MS Proxy client installed and then install a socks proxy on the same machine. Then bounce your connections through it.
Second idea: Take an NT workstation and install NAT32 or another NAT program and set your workstation's default gateway to that workstation. If it works, all applications should work without changes.
Re: (Score:2)
this should work: (Score:1)
Re:I think you're out of luck... (Score:1)
No problem! (Score:2)
Squid will do this, and does it rather well if I recall. Should take about five minutes to configure the first time. Squid and ipchains server two very different purposes and can be used together without a hitch.
Re:Proxies are a poor solution (try Dante!) (Score:2)
I do agree that msproxy is (ahem) a non-optimal solution. I've run across MS Proxy twice in customer environments due to reported problems. In both cases, the MS proxy was the problem.
In the first case, the box was going catatonic requiring a reboot almost daily. No amount of MCSE's or service packs could fix it. We eventually rebuilt it with Linux and Squid. It's given one problem in the six months since installation when the cache disk ran out of inodes.....
In the second case, it was due to the proxy not handling HTTP/1.1 requests correctly for virtually-hosted sites. We chained the msproxy to an upstream netscape proxy which did.
For the problem at hand, check out Dante [www.inet.no]. It's a socks package that has beta support for acting as a msproxy client. From the README:
They also warn you that it may crash your msproxy, but that was just a matter of time anyway, rightI feel your pain (Score:1)
If you figure something out, I'd appreciate hearing it too.
Use SOCKS (Score:1)
If the MS Proxy Server is Ver.2, then you can use SOCKS-enabled clients.
Check out
http://www.socks.nec.com/socksfaq.html
Then search on the MS site & elsewhere for info on the "Socks Proxy Service", which is the component that supports SOCKS 4.3a.
Here is how the Macintosh-heads deal with it:
http://www.macwindows.com/MSProxy.html
Good luck!