Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: EZproxy installation and firewall configuration

From: Matthew Keller <kellermg () POTSDAM EDU>
Date: Thu, 9 Dec 2004 21:22:50 -0500
We've used EZproxy for years now. If you firewall admins and/or your
firewall software are flexible people/software, you can just open up
those ports to JUST the EZproxy server, and not to your whole network.
Additionally there is a "proxy by name" mechanism in EZproxy
(http://usefulutilities.com/support/cfg/proxybyhostname.html) that
allows you to use one port (even port 80, if you'd like), and a special
wildcard DNS configuration. Your DNS admins will likely wig out when
they see it because it FEELS dirty, but it really is safe if you sit
down and logically lay it out. I'm happy to talk to your firwall and/or
DNS admins off-list if they have technical questions.



On Thu, 2004-12-09 at 14:56 -0500, Barros, Jacob wrote:

Our library has asked us to implement EZproxy for off-campus access to
reserved databases.  I noticed from the Useful Utilities website that it
seems like everyone is using it and I know you all have firewalls so...

I'm reading through the setup instructions and am a bit uncomfortable
with the way they ask to set this up, i.e. open port 2048 and higher on
the firewall. Can anyone offer a sample of their configs,  point me to a
best practices document or just give me some reassurance?

Jake Barros

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.

--
Matthew Keller
signat-url: http://mattwork.potsdam.edu/signat-url/
"No one ever says, 'I can't read that ASCII E-mail you sent me.'"

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.
Previous By Date Next
Previous By Thread Next

Current thread: