Deploy and Test a Squid Forward Proxy Server

1.5 hours
  • 8 Learning Objectives

About this Hands-on Lab

In this lab, we will provision and configure a simple Squid proxy server and test it with a client. We will also use an external web client system to test that it is caching web pages. This hands-on lab can be taken stand-alone or as part of the LPIC-2: Linux Engineer Exam 202 preparation.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Install Squid Proxy Server Software

Using the appropriate commands install the squid proxy server:

sudo yum install squid
Walk through the Configuration and Make Changes If Appropriate

Make any changes to the squid configuration to suit the Lab environment if required:

cd /etc/squid

vi squid.conf

NOTE: For this lab, you are not required to make any changes, the ACL for the local network (private) and the default port (3128) will
meet our requirements.

Enable and Start the Service

Using the correct commands, start the service and enable it to restart on a system reboot:

sudo systemctl enable squid

sudo systemctl start squid

You can check it is listening via:

telnet localhost 3128
Install and Configure a Web Client for Proxy Use

Using the approriate commands, configure a web client for use with the proxy server.

On the second server, export the ‘http_proxy’ variable to the private IP of the squid server:

export http_proxy=[squid server IP]:3128
Use the Client Web Browser to Verify Functionality

Check functionality of the Squid proxy server using a web browser or client.

Use the text web browser ‘lynx’ on server 2 to verify that a website comes up:

Stop the Squid Proxy Service to Understand the Various Errors and What They Mean. Once Tested, Start the Service Again.

Using the correct system commands, stop the service, examine the errors. Start the service and examine any errors or messages.

Back on Server 1 (where squid is installed), stop the squid service:

sudo systemctl stop squid

Verify it is stopped, the following should now fail:

telnet localhost 3128
Change the Proxy Configuration to Block Access from the Second Server. Examine the Message When You Try Access Again.

Note: You will need to restart the proxy server.

Edit the ACL for the private network to exclude access:

vi /etc/squid/squid.conf

sudo systemctl restart squid

Check your client with Lynx and verify the error message.

Change the Proxy Server to Re-enable Access from server2

Re-enable the access to the second server.

Additional Resources

NOTE: The supplied lab guide can help you through the tasks needed to complete this lab.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?