Topic: SME as a NT domain behind Censornet proxy

[linuxmad]

Hi,
I am from Portugal. I work at a vocational school where I am the person behind the network management. I pretend to use SME to work as a NT domain controller, use file/printer sharing etc...
Since I am using Censornet as a proxy server, which also is doing DHCP serving, I would like to know how can I tell the SME box to use the Censornet Proxy. I will have to add the machine manually since Censornet wont recognize the SME machine because it is not winndows machine, but then how do I tell SME to use the proxy:8080 and the user and password auth?
And now that we are in the process... Will I be able to get the users list from the SME machine. I guess i will have to use the NT Domain import List? Is this right?
Thank you guys,
José

[linuxmad]

Please someone
How do i get sme server online behind the censornet proxy??
Where do I tell SME to use 192.168.0.1:8080 with a user:xxxxx and a password: yyyyy
I am just to close to give up now...~PLEASE  

[gizzmo2k1]

I'm a bit confused as to why you would want your SME server to use the proxy.  As long as the gateway is set to the address of your Censornet box (192.168.0.1) you should be able to get to the internet fine.  It's not like you would be doing any Web browsing from the SME box.

[linuxmad]

gizzmo2k1.. thanks for replying. My question is:
Will the SME box need internet in any way? For updates or whatsoever? I am sorry if this seems a silly question but I am just getting started with it. If it doesn't need to use internet in any way, I gess you are right,.. if not how can i change it? ...because my censornet proxy needs auth..
Thanks

[gizzmo2k1]

The SME server does use the internet for updating, but it won't use the proxy server.  Proxy is only for browser traffic (usually configured through IE or Firefox) and will not interfere with the SME server.  I have a proxy on my network that requires authentication and my SME server has no issues doing updates.

[linuxmad]

I don't know if Censornet works that way... For instance I have a Ubuntu headless box that updates itself using apt and still i had to configure apt to use the proxy and I had to join that machine to the censornet proxy. But I will give it a try.
Thanks.
José

[larry007]

Linuxmad, I don't know which configuration you used for your Censornet setup, but I presume you used the gateway/firewall option.  

If you did make use of this method, you'll need to create an IPtables rule that will allow your server traffic through - in fact, thinking about it now, I remember vaguely there is actually a setting within the webgui that gives you the option to bypass authentication and allow ALL internet access, its based on MAC addresses, which you mentioned you had to add manually.  I believe that should solve it for you.

Else I would advise you to use the 'sideways' proxy option as described on the censornet site. But that will force you to have fierce proxy setup on your clients, but it is still the way I prefer to use it, together with a .pac file on my webserver for easy bypass/changes if needed in emergency.

Hope that helps