Proxy Server as Gateway

[vj_v1]

Hi

I am a network administrator for a University and have very little knowledge about linux,

The University has Squid proxy servers set up , and his server is different for different departments.

The problem is we have wireless deployed in the campus and have lots of unmanageable switches so cant have the access-points to access different VLans, So when a user has to access different access-points at different departments, he has to each time change the address of the proxy server in his proxy according to the department, so he has to remember or identify the ip of the proxy server according to the department he is getting the wireless from,


IS there a work around for this.

Please suggest a solution.


VJ

[Lazydog]

Add rules ti the firewall to point them to the proxy they need to goto and then only allow that proxy address through the firewall.

This does 2 things. Allows the user to roam and get the correct proxy and they don't have to remember the proxy settings.

[vj_v1]

Could you elaborate on the rules in the firewall, i never came across rules that could divert traffic back from the firewall.

[jledhead]

the best way to run squid is transparently
transparent squid - Google Search
then no one has to configure anything.

[Lazydog]

sure what you do is redirect all traffic for the web ports that are not coming from the proxy to the proxy.

Code:

iptables -t nat -A PREROUTING -p tcp -s <subnet> --dport 80 -j DNAT --to-destination <subnet proxy>

I don't know what you are doing with web traffic that is not coming from the proxy now, but it should be a simple fix.

This is more or less transparent-proxy as suggested already.