Skip to content

Internet Proxy Setup for HSA VMs

For HSA VMs that require controlled internet access, deploy TinyProxy on an Ubuntu VM in the SSA zone, then configure HSA VMs to use that proxy.

Prerequisites

  • An Ubuntu 20.04 VM in the SSA zone.
  • Internet access from that SSA VM on ports 80, 443, and 53.
  • SSH access to the SSA VM with administrative privileges.
  • Basic Linux command-line knowledge.

Warning

A proxy in SSA can expose HSA workloads if it is misconfigured. Limit access with firewall rules and review proxy logs regularly.

Setting Up TinyProxy in SSA

Update the VM

SSH to the Ubuntu VM and update the package index:

sudo apt update

Install TinyProxy

Install the TinyProxy package:

sudo apt install tinyproxy

Configure TinyProxy

Open the TinyProxy configuration file:

sudo nano /etc/tinyproxy/tinyproxy.conf

Configure the required settings:

Setting Description
Port The port TinyProxy listens on, for example 3128.
Allow The IP addresses or ranges allowed to use the proxy, for example Allow 0.0.0.0/0.
Anonymous Disable anonymous access.

Save the file and exit the editor.

Restart TinyProxy

Restart the service after changing the configuration:

sudo systemctl restart tinyproxy

Configuring Firewall Rules

Allow connections to the proxy VM on the proxy port, for example tcp/3128, using Cloud Portal firewall rules.

Tip

Allow inbound proxy traffic only from the sources that need it. Restrict incoming connections on the proxy port to necessary sources.

Configuring Proxy on VMs

Windows VMs

  1. Open Settings.
  2. Open Network & Internet.
  3. Open Proxy.
  4. Under Manual proxy setup, turn on Use a proxy server.
  5. Save the configuration.

Linux VMs

Open /etc/environment:

vi /etc/environment

Add the proxy variables:

http_proxy=http://your_proxy_IP:3128/
https_proxy=http://your_proxy_IP:3128/

Save the file and exit the editor.

Safety and Security

  • Keep Ubuntu and TinyProxy updated with security patches.
  • Review TinyProxy logs at /var/log/tinyproxy/tinyproxy.log.
  • Investigate unusual or unauthorized proxy access attempts.

Glossary and References

Term Meaning
TinyProxy A lightweight open-source HTTP and HTTPS proxy server.
SSH Secure Shell, used for secure remote server access.

References: