Using Squid as a Transparent Proxy! Have I done it right?
-
Hi All,
Background:
We have iPads at the school I work at and as they don't send the AD username to BLOXX the filter it applies is the default policy, this would be fine but we don't have access to the default policy! As a policy on BLOXX can be applied to a IP address I came up with the idea of using a Transparent Proxy for the iPads and I thought I would send the traffic to this and forward it to BLOXX which would see just one IP and apply a policy to that, crude but it should work until we can do something better.What I have done:
I have just set-up pfsesne as a VM on my VMWare environment with 2 nics LAN and WAN and gave them 10.140.1.51 and 10.140.1.52 to send the traffic in one and out the other I thought. I could ping the first but not the second I'm not sure why? To start with I couldn't download packages I believe as the WAN interface wouldn't ping and send out traffic so I turned it off and it worked, I could installed the VMWare tools and squid packages.I then setup squid and everything is working but the WAN 10.140.1.52 interface is turned off and I thought I would need both the LAN and WAN nics connected and send the traffic to one and out the other onto BLOXX is this correct? I know its working but I don't want to slow things when I have multiple devices connected.
1. So my questions are should I have this Transparent Proxy working on one or two nics, basically have I set it up right?
2. Should the second WAN nic of worked straight away or because I put them both on the same subnet will only one ever work because they need to but on different networks?
Hope this makes sense!
Thanks
Dunk