EXPLORING PROXY SERVER SOFTWARE: CONFIGURING CLIENT SOFTWARE FOR YOUR PROXY SERVER
by Mark Edwards
This article looks in depth at configuring some popular client software packages that you can use with Proxy Server. You’ll see that configuring any proxy-enabled client software for use with Proxy Server is straightforward once you know and understand the fundamental parameter requirements.
As a proxy server, Proxy Server can act on behalf of other computers on a network. Proxy Server provides access to TCP/IP networks such as the Internet while keeping the workstation address anonymous.
Remember, if you use the Lmhosts file to establish a load-balanced proxy environment, when you configure client software packages, you’ll want to use the proxy group name you established in the Lmhosts file. If you don’t want a particular client software package to use the load balancing group, configure that client software to use your preferred proxy server name.
The Web browser is probably the most common type of client software people use on the Internet today. Let’s configure two popular Web browsers, Internet Explorer (IE) and Netscape Navigator. We’ll also explore RealAudio, an audio software tool, and VDOLive, a video software tool.
You sometimes need to bypass the proxy altogether to reach a certain Internet site. This need can occur if a site is behind a firewall. A proxy running on a host server outside a firewall cannot connect to a server inside the firewall. To work around this firewall restriction, you must bypass the proxy.
Also, if your network uses nonroutable IP addresses you can’t bypass the proxy to reach sites on the Internet, because your network has no valid routes in and out of the Internet. However, you can still reach sites on your local network if your administrator has established the proper routes. When configuring your proxy server and clients, use routable IP addresses instead of nonroutable addresses to avoid headaches down the road.
Microsoft Internet Explorer 2.0
Configuring IE 2.0 for Windows NT is simple. To arrive at the Properties page, where you’ll make your configuration entries, click Start, select Settings, select Control Panel, double-click the Internet icon, click the Advanced property sheet tab, select Use Proxy Server, and enter the proxy server’s URL, for example
http://proxyserver:80
You must enter the proxy server’s URL correctly. The example shows the proper syntax to define the port that the proxy server listens to for incoming requests. At the end of the URL, you notice a colon followed by the number 80 (:80). When a client requests an Internet object, the proxy server receives and processes the request on TCP/IP port 80.
If you want to bypass the proxy server when connecting to certain Internet sites, enter those sites in the Bypass proxy on data-entry window. Let’s say you want to provide direct access to all computers at microsoft.com and direct access to all FTP sites listening on TCP port 21. To accomplish this task with IE 2.0, enter microsoft.com,:21, as shown in Figure 1. A comma must separate each entry in the Bypass proxy on window. Be sure to prefix the port number with a colon.
Internet Explorer 3.0
IE 3.0 configuration for NT is similar to that for IE 2.0, with some subtle but important differences. You arrive at the Properties configuration page for IE 3.0 in almost the same manner as with IE 2.0. To open the properties page, Proxy Settings, click Start, select Settings, select Control Panel, double-click the Internet icon, select the Connection tab, choose Connect Through a Proxy Server, and click Settings.
Figure 2 shows the two group boxes in this dialog box: Servers and Exceptions. In the Servers options group, you can make five entries, one for each of the following protocol types: HTTP, Secure, FTP, Gopher, and Socks. You can define a different proxy server for each of these types of Internet protocols. Just enter the appropriate proxy server information in the associated field.
If you prefer one proxy or group of proxies for all protocol types, check “Use the same proxy server for all protocols.” Checking this box grays out all the data entry fields except the ones associated with the Hypertext Transfer Protocol (HTTP). You then enter the proxy server or proxy group’s URL and port number in the corresponding HTTP fields. (Note: Although you enter the information in to the HTTP fields, the proxy server uses these same settings to process all other protocol requests.)
The second group box, Exceptions, has two setting options to configure, if you see the need on your network. The first field is “Do not use proxy server for addresses beginning with.” If you want certain protocols to bypass your proxy server so they have a direct connection, enter them in this field. For example, if you want all FTP connections to bypass the proxy server, enter ftp in the box. Be sure to use semicolons to separate all entries in this box.
The second field in the Exceptions group box is “Do not use proxy server for local (intranet) addresses.” Check this box to instruct the client software to directly connect to servers on your intranet, bypassing the proxy. This instruction improves the performance of client software packages because it removes the added overhead of communicating with Proxy Server. You use IP addresses and subnet masks to determine whether the destination is local.
Netscape Navigator 2.01
Netscape’s Navigator 2.01 is a popular Web browser. Let’s configure it step-by-step to work with the proxy server. Open Netscape Navigator, and select the Options menu. On the Proxies property page, select Network Preferences, select Manual Proxy Configuration, and click View. In each proxy field (HTTP, Gopher, FTP, Security, WAIS, and Socks), type the name of the computer running the proxy server and its associated TCP/IP port number.
In the “No Proxy for” field, shown in Figure 3, enter hosts that you want to access directly, bypassing the proxy server. For example, if you want Navigator 2.01 to connect directly to Netscape’s public Web server, enter www.netscape.com:80. And be sure to insert a colon before the port number.
Netscape Navigator 2.02 and 3.0
The Netscape Navigator 2.02 and 3.0 proxy configurations for NT are also straightforward. To configure Netscape Navigator 2.02 and 3.0 to use the proxy server for HTTP protocol requests, open Netscape Navigator, select Options, then Network Preferences. Select the Proxy tab and Manual Proxy Configuration, and click View. In each proxy field (FTP, Gopher, HTTP, Security, WAIS, SOCKS), type the host name or IP address of the computer running the proxy server, and enter the proxy server’s associated port number.
In the “No proxy for” field, follow the same instructions as for Navigator 2.01 to access hosts directly. Enter www.netscape.com:80 to connect directly to Netscape’s public Web server.
RealAudio
RealAudio is a popular software tool (available for Windows 95, Windows 3.1.x, NT, Mac OS 7.x, Linux, Solaris 2.4 and 2.5, SunOS 4.1.x, IRIX 5.3, and FreeBSD). It lets users listen to recorded and live audio across the Internet. RealAudio is widely used across the Internet as a means to deliver all sorts of creative audio content, ranging from live radio broadcasts to recorded speeches or mission statements from corporate executives.
Proxy Server supports RealAudio through the Remote Windows Socket (RWS) service. To configure the RealAudio Player software, you must understand how data moves across the Internet.
RealAudio supports two basic types of transmissions: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). I won’t go into all the details of these two protocols, but I will tell you that UDP is less reliable than TCP. UDP provides no error correction and no guarantee that UDP packets will arrive at their intended destination. When UDP packets do arrive at their destination, they do not necessarily arrive in the same order as you send them. But, UDP requires less overhead than TCP and is therefore faster.
In addition to a proxy server, some networks incorporate a separate packet filtering firewall system that doesn’t let UDP traffic enter your intranet. In these cases, you must either reconfigure your packet filtering firewall to allow UDP packets for RealAudio, or reconfigure RealAudio to use TCP. The choice is up to you and your network administrators. I won’t delve into using RealAudio in this article, but I’ll focus instead on configuring the software for use through the RWS using the UDP. RWS handles all Winsock applications transparently, so you do not need to configure RealAudio to use the proxy server. Be sure the proxy server is disabled in the RealAudio preference settings.
To configure RealAudio Player to receive audio with the default UDP, start RealAudio Player, select the View menu, and then the Network Preferences tab shown in Figure 4. Click UDP, select the Proxy preferences tab shown in Figure 5, and clear the Use Proxy field.
Use Specified UDP Port defines the port number the RWS service uses to receive RealAudio data from the Internet. Internet Service Manager in the RWS Permissions property sheet lets you specify the port setting on the RWS service.
VDOLive
Proxy Server’s RWS service supports the video protocol VDOLive (for Windows 3.1x, Windows 95, NT, and the PowerMAC). A VDOLive server can send continuous video images over the Internet to VDOLive-compatible clients. To configure your VDOLive client software packages to use Proxy Server, start VDOLive Player, click Setup, and select the Settings tab shown in Figure 6. Click “Automatic selection of UDP port” and type the UDP port number RWS uses for VDOLive. The default RWS port is 7001.
Macintosh, UNIX, and Other Clients
You can configure other operating system client types for use with Proxy Server as easily as for the examples you’ve seen so far. You can configure any software that uses a proxy server or is Winsock compatible for use with Proxy Server with a few simple parameters, including the name of the computer running Proxy Server and the port number Proxy Server uses for the particular protocol.
Rest Easier with Proxy Server
In closing this series on Proxy Server, I will say that you can configure RWS service for just about any custom protocol and port number. This capability provides a lot of forward compatibility for Proxy Server users, especially because developers introduce new Internet protocols every day.
A carefully planned and executed Proxy Server installation will undoubtedly let most network administrators sleep a little bit better at night, knowing their network environment is now a safer place to work from. Just remember: Never assume your network is completely safe. To ensure the highest degree of safety, you must continually monitor your systems and re-evaluate your policies and procedures. No network is impenetrable.
Critical Challenges of ESI & Email Retention Are you storing too much electronic information? Get expert legal advice and better understanding of what you are required to do as an IT professional.
Rev Up Your IT Know-How with Our Recharged Magazine! The improved Windows IT Pro provides trusted IT content with an enhanced new look and functionality! Get comprehensive coverage of industry topics, expert advice, and real-world solutions—PLUS access to over 10,000 articles online. Order today!
Get It All with Windows IT Pro VIP Stock your IT toolbox with every solution ever printed in Windows IT Pro and SQL Server Magazine plus bonus Web-exclusive content on hot topics. Subscribe to receive the VIP CD and a subscription to your choice of Windows IT Pro or SQL Server Magazine!
Order Your Fundamentals CD Today! Gain an introduction to Exchange, learn server security requirements, and understand how unified communications can play a role in your messaging strategies with this free Exchange CD.
Windows IT Pro
Register
