Squid Transparent Proxy Server on Windows Server 2003

In this article I’ll talk on how to setup a transparent proxy on Windows Server 2003 using Squid NT. Squid NT is a port from Linux base proxy server called Squid. I have successfully installed and configured Squid transparent proxy on Windows Server and here is how I do it.

Installing Squid NT is very easy, first you can download Squid NT here, and then you can follow my old tutorial here: http://markus.revti.com/2007/06/installing-squid-cache-for-windows/

Although installing Squid NT is easy, however configuring transparent proxy on Windows version of Squid is a bit tricky as Squid NT have its limitation. From Squid NT website it’s stated: “Transparent Proxy: missing Windows non commercial interception driver”.

My first thought was there is no way to do port forwarding or port redirecting in Windows Server the same way it is done in Linux server. In Linux based server you can use iptables to do port forwarding with the command like this:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

I’ve been looking for a way to do port redirect or port forwarding in Windows Server 2003 this several days and start to become desperate as not much info I can get on this topic. At first I was looking for doing port forwarding or port redirecting in RRAS (Routing and Remote Access Service) but can’t find it. Actually there is port forwarding in RRAS but it’s not what I need to make transparent proxy.

Then I start looking for software that can do port forwarding and found Softperfect Bandwidth Manager can do it. You can download Softperfect Bandwidth Manager here.

Step by step to configure transparent proxy using Softperfect Bandwidth Manager:

Let start by installing the Squid NT, use my old tutorial here http://markus.revti.com/2007/06/installing-squid-cache-for-windows/ to guide you.

Then you’ll need to modify the squid.conf to add “transparent” keyword behind http_port options so it will look like this:

http_port 3128 transparent

Install Softperfect Bandwidth Manager

Create a Port Map, here you should define the Squid’s port on your server. Go to “Tools > Port Mapping”

Softperfect Bandwidth Manager's Add Port Map

Softperfect Bandwidth Manager's Add Port Map

Click on New button to create a new mapping, fill like the example below

Softperfect Bandwidth Manager Adding New Port Map

Softperfect Bandwidth Manager Adding New Port Map

After you create a port map, you need to create a new rule to redirect all HTTP request to remote server port 80 to port 3128. Click on “Rules > Add Rule”. On General tab fill the fields with these values:

Direction: Both
Transfer Rate Limit: Unlimited
Protocol: TCP and UDP
Apply Rule on Interface: LAN

Softperfect Bandwidth Manager Rule General Tab

Softperfect Bandwidth Manager Rule General Tab

Important! You must select the interface (Network Card) that is connected to your Local Network (the one that connect the server to other client computers, and NOT the one connected to the modem, etc.)

On Source tab set the values to these:

Source Address: Whole IP Address, and insert the IP ranges of your clients PC
Source Port: Any

Softperfect Bandwidth Manager Source Tab

Softperfect Bandwidth Manager Source Tab

On Destination tab set the values to these:

Destination Address: Any IP Address
Destination Port: Port List and then Add these ports: 80 (HTTP) and 443 (HTTPS)

Softperfect Bandwidth Manager Destination Tab

Softperfect Bandwidth Manager Destination Tab

On Advanced tab look for “Additional Processing”, give check on “Process through the following mapping” and select the port mapping you created before and click OK.

Softperfect Bandwidth Manager Advanced Tab

Softperfect Bandwidth Manager Advanced Tab

Done, now all requests to port 80 and 443 will be redirected to Squid NT. To check whether the transparent proxy works or not you can visit http://whatismyipaddress.com/ and it should say “Proxy Server Detected!”

Download Squid NT and Softperfect Bandwidth Manager here

129 thoughts on “Squid Transparent Proxy Server on Windows Server 2003”

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>