Juniper’s NSM Attack update is something which will go over to Juniper’s security server and download the latest available IDP signature sets. There are situations where the NSM server do not have Internet connection, thus having to use a proxy solution.

You can use Squid Proxy for handling this; Setup Information would be as below;

1. Install Squid (I used Windows binary of Squid) on a machine with Internet Access.

2. Edit the conf file for Squid and add as below

Squid Config Information:

With no password proxying, all you need is this;

http_port 3128 (or any port)

http_access allow all

3. If you want to have basic authentication (NCSA), change the conf file to this;

With username/password proxying, you need this; => For NCSA type of authentication

http_port 3128 (again any port)

auth_param basic program C:\\squid\\libexec\\ncsa_auth.exe c:\\squidpassword.txt  (2 slashes since it is on Windows)

acl NSMQA proxy_auth REQUIRED

http_access allow NSMQA

4. Configure proxy server ip and port in NSM preferences

5. Start Squid and that is it. Have fun