SOCKS Overview

SOCKS is a software protocol used in conjunction with a firewall host system to provide secure, controlled access to internal and external networks. When you request a network connection from a SOCKS-enabled application, the SOCKS Client software communicates with the SOCKS server software to determine if the connection is allowed. If it is, the connection is established. If it is not, the SOCKS server rejects the connection request.

To enable SOCKS support, use the SOCKS tab of the Security Properties dialog box (or, if you are also configuring a Secure Shell connection, use the Reflection Secure Shell Settings dialog box). After enabling SOCKS support, you must configure the SOCKS client. You can configure the software in one of two ways: designate a single SOCKS proxy server through which all requested connections must pass; or designate specific SOCKS proxy servers (or request that the SOCKS proxy server be bypassed) for specific destination addresses.

When the SOCKS protocol is enabled and you use a InfoConnect application to request a connection to a remote host, InfoConnect determines if the connection request must go through the firewall system. If the firewall system must be used, the application uses the SOCKS protocol to communicate with the SOCKS server software, which determines if the connection is allowed.

The InfoConnect SOCKS Client is compliant with SOCKS version 4 and works with SOCKS version 4 or version 5 servers.

NOTE:If your SOCKS server requires authentication before it will grant a connection request, you must run the Identification Daemon. The Identification Daemon (IdentD) authenticates TCP connections between two hosts. Some SOCKS servers require authentication before they will grant a connection request through the firewall. The Identification Daemon must be running to perform this authentication.

Check with your system administrator to determine whether your SOCKS proxy server requires identification (that is, whether the SOCKS daemon was started using the -i or -I option). If the server does not require authentication, the Identification Daemon has no effect on SOCKS. The Identification Daemon has no configurable options.