A virtual private network is defined as: a computer network that is implemented in an additional software layer on top of an existing larger network for the purpose of creating a private scope of computer communications
2. What is a Proxy Server /
VPN?
A virtual private network is defined as: a computer
network that is implemented in an additional software
layer on top of an existing larger network for the
purpose of creating a private scope of computer
communications
3. What does that mean in layman’s
terms?
When you type Facebook.com into your browser the
Great Firewall blocks access because that site is on
a list. Anything on the list cannot be accessed directly
from within the ‘Firewall because it controls incoming
and outgoing connections. A proxyproxy is an
intermediary server which is not on the list and it, in
turn, connects to any site you want since its access
is unrestricted. Once software is installed and
activated the process is seamless and you won’t
notice which sites are blocked and which aren’t.
Browse your friends Facebook photos to your hearts
content and tweet about them if you like.
4. Is this free?
Of the services available several are free and
monetized by advertising and others are ad-
free but require a monthly fee. The most well
known among free options was Hotspot
Shield, although it bombarded users with
advertisements and didn’t always work – that
was before it was blocked outright.
Unfortunately free proxies seem to get nailed
pretty quickly so if you want a reliable solution
you’ll be paying for the privilege of unrestricted
internet access.
5. A web proxy server is a program that makes
requests for web pages on behalf of all the
other machines on your intranet. The proxy
server will cache the pages it retrieves from
the web so that if 3 machines request the
same page only one transfer from the Internet
is required. If your organization has a number
of commonly used web sites this can save on
Internet accesses.
6. How fast is it? Are there any
downsides?
Since average internet speeds in China are
sub-par even for developing countries,
Freedur can easily max out my residential
2mb China Telecom internet connection which
at its fastest, is downloading at 200kb/s. The
Freedur application is small and works
flawlessly – once the accompanying Firefox
plugin is installed the giant On button works
like you’d expect.
7. Allowed subnets
In here, at least the subnets of the active
zones (no DMZ ) should be findable. The entry
of a subnetwork under this option allows
general access to the Web-proxyWeb-proxy.. If for
example, remote/local VPN networks or locally
connected networks that are neither in green
nor defined in blue should be connected to the
proxy, you just can enter the subnet with the
subnet mask in here.
8. The Network based access
control
Builds the main component of the "Access
control lists", and includes a few others, not
listed in the IPFire webinterface options. In
here the traffic control from Squid happens,
where the access to Squid and further from
Squid away can be managed.
9.
10. Disable internal proxy access to
Green from other subnets
If the proxyproxy is activated and used for both
zones (blue and green), there is the possibility
to reach the green zone from the blue zone
via http or https over the proxy. At this moment
the zone separation produced by IPTables is
bypassed. If this should be prevented, a hook
needs to be set.
11. Disable internal proxy access to
Blue from other subnets
If the proxy is activated and used for both
zones (blue and green), there is the possibility
to reach the blue zone from the green zone
via http or https over the proxy. At this moment
the zone separation produced by IPTables is
bypassed. If this should be prevented, a hook
needs to be set. However, a direct access
from green to blue is already possible
12.
13. Unrestricted IP addresses
All IP addresses which are listed in here have
no restrictions by the following regulation
areas of ”Time ristrictions”, ”Transfer limits” or
the ”MIME-type filter”.
14. Unrestricted MAC addresses
All MAC addresses which are listed in here
have no restrictions by the following regulation
areas of ”Time restrictions”, ”Transfer limits” or
the ”MIME-type filter”.
15.
Banned IP addresses:- All IP addresses that
are entered here will be completely blocked by
the proxy.
Banned MAC addresses:-All MAC addresses
that are entered here will be completely
blocked by the proxy.
16.
Unregistered IP's or MAC addresses:-IP or
MAC addresses which are neither entered in
the unrestricted section nor in the banned one,
are restricted by the ”Time restrictions”,
”Transfer limits” or/and the ”MIME-type filter”.