Setting Up the SOCKS Client (Upstream)

This feature enables a proxy to authenticate through a SOCKS 4 or SOCKS 5 firewall. SOCKS is a circuit-gateway type of protocol. With SOCKS, hosts behind a firewall can gain full access to the Internet without full IP reachability. When SOCKS support is enabled, all requests sent to the Internet are forwarded to a SOCKS 5 server and the proxy is used for caching only.

When the proxy receives a request, it checks its cache. If the requested object is not in the cache, the proxy makes a TCP connection to the SOCKS server and redirects the request from the intranet to the SOCKS server, allowing for more secure Internet access. The SOCKS server then connects to the origin server and retrieves the object. Null and username/password authentication are supported.

Setting up HTTP or FTP proxy support through SOCKS has three steps:

The SOCKS client can also be used with a third-party SOCKS server instead of the Novell IP Gateway.

To set up the proxy server and the Novell IP Gateway to support SOCKS through HTTP proxy or FTP proxy:

  1. In NetWare Administrator, select the Novell BorderManager 3.7 Setup page for the server.

  2. From the Application proxy tab, select HTTP or FTP proxy.

  3. Click SOCKS Client, then check the Enable SOCKS check box.

  4. Specify the IP address of the SOCKS server.

  5. Enter the port number of the SOCKS server.

    The default is 1080.

  6. Click Username/Password, then enter the username and password that the proxy will use to authenticate with the SOCKS server.

    If you select No Authentication and do not specify a username and password, null authentication will be used. The username and password must match the username and password configured for the SOCKS server or at the third-party SOCKS server. If you configure null authentication, make sure that the SOCKS server is set up to allow null authentication.

  7. Click OK to close the SOCKS Client page.

  8. If you are not using a third-party SOCKS server:

    NOTE:  The following steps apply only if the upstream SOCKS server is running Novell BorderManager 3.7.

    1. Click the Gateway tab.

    2. Check the SOCKS V4 and V5 check box, then click Details.

    3. (Optional) Enter the port number of the SOCKS server.

      The default is 1080. This enables the Novell IP Gateway to act as a SOCKS server. Assign a different port number for SOCKS traffic if another service is already using this port.

    4. Select SOCKS V5 or SOCKS V4.

      Select V5 if the server must work with the Novell BorderManager 3.7 SOCKS client. If you select V5, select single sign-on and specify an authentication scheme. If you select SSL as an authentication scheme, select a key ID.

      NOTE:  Use the NetWare Administrator PKI Services to change and create key IDs in an NDS or eDirectory tree.

    5. Select an authentication method.

    6. Click OK.

    7. Select the Users setup page and enter the username and password of the SOCKS client.

      The username and password must match the username and password you configured for the SOCKS client.

    8. Click OK.

  9. Click OK from the Novell BorderManager 3.7 Setup page.

  10. To use a browser from a workstation, open the configuration window for the browser. In the field provided to specify the location of the HTTP proxy, enter the IP address or DNS hostname of the server running Novell BorderManager 3.7.

    This allows requests from the browser to be sent to the SOCKS client operating with Novell BorderManager 3.7 Proxy Services, then forwarded to the SOCKS server if the requested information is not found in the proxy cache.
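
The note under step 6 requires the proxy's authentication choice to match what the SOCKS server accepts. The following added example (not Novell code) models the SOCKS 5 method negotiation of RFC 1928 and the username/password sub-negotiation of RFC 1929 to show how a mismatch is rejected. The function names, the sample account, and the assumption that the client offers only its configured method are constructed for illustration.

```python
# Added example: models SOCKS 5 method negotiation (RFC 1928) and the
# username/password sub-negotiation (RFC 1929). All names and credentials
# are constructed for illustration; this is not BorderManager code.
import hmac

NO_AUTH, USER_PASS, NO_ACCEPTABLE = 0x00, 0x02, 0xFF

def client_greeting(methods):
    # VER=5, NMETHODS, METHODS...
    return bytes([0x05, len(methods), *methods])

def server_select(greeting, allowed):
    # Reply VER=5, METHOD; 0xFF means none of the offered methods is allowed.
    if len(greeting) < 2 or greeting[0] != 0x05:
        raise ValueError("not a SOCKS 5 greeting")
    offered = greeting[2:2 + greeting[1]]
    if len(offered) != greeting[1]:
        raise ValueError("truncated greeting")
    chosen = next((m for m in allowed if m in offered), NO_ACCEPTABLE)
    return bytes([0x05, chosen])

def userpass_request(user, password):
    # VER=1, ULEN, UNAME, PLEN, PASSWD (sent as-is, without encryption)
    if not (1 <= len(user) <= 255 and 1 <= len(password) <= 255):
        raise ValueError("username and password must be 1..255 bytes")
    return bytes([0x01, len(user)]) + user + bytes([len(password)]) + password

def server_check(request, accounts):
    # Reply VER=1, STATUS; STATUS 0x00 is success, anything else is failure.
    if len(request) < 3 or request[0] != 0x01:
        raise ValueError("not an RFC 1929 request")
    ulen = request[1]
    if len(request) < 3 + ulen:
        raise ValueError("truncated request")
    user, plen = request[2:2 + ulen], request[2 + ulen]
    password = request[3 + ulen:3 + ulen + plen]
    if len(password) != plen:
        raise ValueError("truncated password")
    expected = accounts.get(user)
    ok = expected is not None and hmac.compare_digest(expected, password)
    return bytes([0x01, 0x00 if ok else 0x01])

def negotiate(client_methods, creds, server_allowed, accounts):
    # Walk one client/server exchange up to the point a CONNECT could be sent.
    method = server_select(client_greeting(client_methods), server_allowed)[1]
    if method == NO_ACCEPTABLE:
        return "rejected: no acceptable method"
    if method == USER_PASS and server_check(userpass_request(*creds), accounts)[1] != 0:
        return "rejected: bad username/password"
    return "ready for CONNECT"
```

The RFC 1929 request carries the username and password unencrypted, so the path between the proxy and the SOCKS server should be a trusted network segment.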