Setting Up the SOCKS Client (Upstream)

This feature enables a proxy to authenticate through a SOCKS 4 or SOCKS 5 firewall. SOCKS is a circuit-gateway type of protocol. With SOCKS, hosts behind a firewall can gain full access to the Internet without full IP reachability. When SOCKS support is enabled, all requests sent to the Internet are forwarded to a SOCKS 5 server and the proxy is used for caching only.

When the proxy receives a request, it checks its cache. If the requested object is not in the cache, the proxy makes a TCP connection to the SOCKS server and redirects the request from the intranet to the SOCKS server, allowing for more secure Internet access. The SOCKS server then connects to the origin server and retrieves the object. Null and username/password authentication are supported.

Setting up HTTP or FTP proxy support through SOCKS has the following steps:

  1. In NetWare Administrator, select the Novell BorderManager 3.8 Setup page for the server.

  2. From the Application proxy tab, select HTTP or FTP proxy.

  3. Click SOCKS Client, then select the Enable SOCKS check box.

  4. Specify the IP address of the SOCKS server.

  5. Specify the port number of the SOCKS server.

    The default is 1080.

  6. Click Username/Password, then specify a username and password that the proxy will use to authenticate with the SOCKS server.

    If you select No Authentication and do not specify a username and password, null authentication is used. The username and password must match the username and password configured for the SOCKS server or at the third-party SOCKS server.

    If you configure null authentication, make sure that the SOCKS server is set up to allow null authentication.

  7. Click OK to close the SOCKS Client page.

  8. If you are not using a third-party SOCKS server:

    NOTE:  The following steps apply only if the upstream SOCKS server is running Novell BorderManager 3.8.

    1. Click the Gateway tab.

    2. Select the SOCKS V4 and V5 check box, then click Details.

    3. (Optional) Specify the port number of the SOCKS server.

      The default is 1080.

    4. Select SOCKS V5 or SOCKS V4.

      Select V5 if the server must work with the Novell BorderManager 3.8 SOCKS client. If you select V5, select single sign-on and specify an authentication scheme. If you select SSL as an authentication scheme, select a key ID.

      NOTE:  Use the NetWare Administrator PKI Services to change and create key IDs in an NDS or eDirectory tree.

    5. Select an authentication method.

    6. Click OK.

    7. Select the Users setup page and specify the username and password of the SOCKS client.

      The username and password must match the username and password you configured for the SOCKS.

    8. Click OK.

  9. Click OK from the Novell BorderManager 3.8 Setup page.

  10. To use a browser from a workstation, open the configuration window for the browser. In the field provided to specify the location of the HTTP proxy, specify the IP address or DNS hostname of the server running Novell BorderManager 3.8.

    This allows requests from the browser to be sent to the SOCKS client operating with Novell BorderManager 3.8 Proxy Services, then forwarded to the SOCKS server if the requested information is not found in the proxy cache.