Hey guys, I was curious to know, is it possible, or how would one achieve the following goal.
We have a Squid proxy server setup with filtering and reporting in our DMZ. At the moment clients are configured using the PAC file/WPAD method or even manually configured to direct traffic to it.
Is it possible to configure the following iptables rule using the confines of the standard VyOS command line configuration tools?
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.1.1:3128 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
What we’re trying to achieve, is have all our clients on our user VLAN to have transparent internet access using the transparent proxy without having to roll out PAC/WPAD files etc or reconfigure workstations.[/code]