 |
| Home Download SSH Accounts How To Uses Specs FAQ Forums Contact |
 | | |
(You will likely have to ask your system administrator for your Proxy configuration settings.)
Motivation: Many companies, and even some home users, use a type of firewall called a Proxy Server. Examples of Proxy Servers are Microsoft's ISA (Internet Security and Acceleration) Server, Checkpoint's Firewall, Apache, and more. Because Proxy Servers act on behalf of computers connecting through them to the Internet, instead of those computers connecting directly to the Internet, Safe Passage must be configured to work with these "firewalls".
Proxy Servers offer two methods for "client" computers to connect directly to the Internet.
- HTTP Proxy servers make connections to the Internet on behalf of your computer. The exception to this is when your computer connects to a Secure Web Server. Because Secure Web Servers use SSL, which ensures that the client is connecting directly to the server, HTTP Proxy servers cannot make the connection on behalf of the client, and must allow a direct connection.
Because SSH uses SSL, SSH traffic appears to Proxy Servers to be SSL Web traffic.
Most HTTP Proxy servers only allow SSL connections to TCP port 443, so if you're using an HTTP Proxy, your SSH host will probably have to run on TCP port 443.
- SOCKS Proxy servers (generally speaking) create on-demand openings in the firewall so that clients can connect directly to Internet hosts. If you have a SOCKS proxy available, you should configure Safe Passage to use it instead of an HTTP Proxy server. You will likely have to configure your Proxy Type, Proxy Hostname, SOCKS version, and possibly your SOCKS login information.
In either case, if you are required to use a Proxy server, you will have to "de-configure" any applications (i.e. browser, email, etc.) that use the proxy, setting them to use normal Internet for Safe Passage to function correctly.
|
|
|