I need to configure ca. 40 NBM (3.8sp4) servers to use an IIS as an upstream proxy. I also need to change the authentication strategy.
There will be a radius server as the authentication soure for the IIS.
I have read in Craig S. Johnson s book, that the latest patch for BorderManager 3.5 and later provides the capability of passing authentication information to an upstream caching server. The authentication information is configured in the PROXY.CFG file.
q1: How?
q2: Can i continue to use clntrust on clients?
q3: What kind of proxy hierarchy should i use? CERN or ICP ? I would prefer the CERN method, because there is only one IIS as an upstream proxy, and ICP cache hierarchies are best suited to situations where multiple caching servers exist.

Thanks in advance !