making server completely transparent

[KKComp]

Hi everyone im just checking in I know a lil about linux looking to learn more I know forums are the best way to go. I recently installed centos 5.3 on a machine we are going to be using as a squid server. Just a couple quick ?s and just wanted to pick your alls brains. What im trying to do with the server is use it for caching to speed up our network t but i dont want to go around to all the our customers to setup their browser for proxy. what all is involved with making this server completely transparent. So the end user will does not need to enter in proxy information.

any stickies or good how to's would be awesome thanks

[scathefire]

here is a start.

Transparent Proxy with Linux and Squid mini-HOWTO: Transparent Proxy to a Remote Box

[zez3]

As a base line.
You just need to work on dns and dhcp servers that you have in your networks.

IE(who is not such a good ideea) - gets the proxy via dhcp 252 option configured with asci pointing to a wpad file located on a http server

Firefox and others - gets the proxy via DNS alias wpad.your_domain.com pointing to the same server perhaps with proxy.pac file.

[r31griffo]

I can't post links yet, go to the Squid hompage, click FAQ and click /InterceptionProxy on the side panel. This will help you get it going.

Another idea is you can look at 'out of the box' proxy server distros that are freely available on the web:
pfSense
m0n0wall
IPCop
This is only a handfull of the countless others out there. They not only provide a completely transparent proxy (if this is how you configure it) but also a configurable NAT with port forwarding, firewall, VPN and even a captive portal (for user authentication without any browser configuration...WiFi Hotspot setup), etc.

I know this is not exactly what you were looking for but I've used these before and have found them nothing short of excellent.

m0n0wall and IPCop were developed to use old computer hardware...I once found a computer left out for rubbish collection (an old Pentium 266MMX with 128MB RAM and 2GB hard drive) that ran IPCop like a dream.

I gave it away and I am now using VMWare to run my proxy (IPCop), web and email servers on the one computer...just food for thought.

My proxy is completely transparent, but with a couple of clicks I can also add user authentication (still without any changes to the users web browsers).

If you choose IPCop, keep in mind that it has a few limitations that are overcome by unsupported/non-official add-ons...DO NOT UPDATE - however the other 2 proxy servers I've mentioned do a lot straight out of the box.