- Lab
-
Libraries: If you want this lab, consider one of these libraries.
- Cloud

Deploy and Test a Squid Forward Proxy Server
In this lab, we will provision and configure a simple Squid proxy server and test it with a client. We will also use an external web client system to test that it is caching web pages. This hands-on lab can be taken stand-alone or as part of the LPIC-2: Linux Engineer Exam 202 preparation.

Lab Info
Table of Contents
-
Challenge
Install Squid Proxy Server Software
Using the appropriate commands install the squid proxy server:
sudo yum install squid
-
Challenge
Walk through the Configuration and Make Changes If Appropriate
Make any changes to the squid configuration to suit the Lab environment if required:
cd /etc/squid vi squid.conf
NOTE: For this lab, you are not required to make any changes, the ACL for the local network (private) and the default port (3128) will meet our requirements.
-
Challenge
Enable and Start the Service
Using the correct commands, start the service and enable it to restart on a system reboot:
sudo systemctl enable squid sudo systemctl start squid
You can check it is listening via:
telnet localhost 3128
-
Challenge
Install and Configure a Web Client for Proxy Use
Using the appropriate commands, configure a web client for use with the proxy server.
On the second server, export the 'http_proxy' variable to the private IP of the squid server:
export http_proxy=[squid server IP]:3128
-
Challenge
Use the Client Web Browser to Verify Functionality
Check functionality of the Squid proxy server using a web browser or client.
Use the text web browser 'lynx' on server 2 to verify that a website comes up:
lynx http://google.com
-
Challenge
Stop the Squid Proxy Service to Understand the Various Errors and What They Mean. Once Tested, Start the Service Again.
Using the correct system commands, stop the service, examine the errors. Start the service and examine any errors or messages.
Back on Server 1 (where squid is installed), stop the squid service:
sudo systemctl stop squid
Verify it is stopped, the following should now fail:
telnet localhost 3128
-
Challenge
Change the Proxy Configuration to Block Access from the Second Server. Examine the Message When You Try Access Again.
Note: You will need to restart the proxy server.
Edit the ACL for the private network to exclude access:
vi /etc/squid/squid.conf sudo systemctl restart squid
Check your client with Lynx and verify the error message.
-
Challenge
Change the Proxy Server to Re-enable Access from server2
Re-enable the access to the second server.
About the author
Real skill practice before real-world application
Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.
Learn by doing
Engage hands-on with the tools and technologies you’re learning. You pick the skill, we provide the credentials and environment.
Follow your guide
All labs have detailed instructions and objectives, guiding you through the learning process and ensuring you understand every step.
Turn time into mastery
On average, you retain 75% more of your learning if you take time to practice. Hands-on labs set you up for success to make those skills stick.