I am trying to accomplish this and i have followed Syed Janazaibs’ guide on how to do it except on my setup i only have ONE external and thats going directly to my untangle filter. In the guide he has two externals – one going to the proxy and one going to the net.
my setup is simple:
we have Hotspot and PPPoE on the MT Router
IPs are as follows:
192.168.99.1/24 192.168.99.0 LAN-users (hotspot subnet)
172.16.0.1/24 172.16.0.0 LAN-users (PPPoE subnet)
192.168.8.2/29 192.168.8.0 RADIUS (going directly to radman)
192.168.7.5/24 192.168.7.0 Net-5 (this is the internet port going to Untangle server which uses Squid)
Now on the untangle box its very simple:
Eth0 is the WAN external IP
Eth1 is the LAN 192.168.7.1/24
and thats it. its simple.
i have the following setup on my router:
;;; masquerade pppoe clients
chain=srcnat action=masquerade src-address=172.16.0.0/24 out-interface=Net-5
;;; masquerade hotspot network
chain=srcnat action=masquerade src-address=192.168.99.0/24 out-interface=Net-5
ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=8000KiB max-udp-packet-size=512 servers=192.168.7.1
ip firewall nat
add action=accept chain=srcnat disabled=no dst-port=80 protocol=tcp
ip firewall mangle
add action=mark-routing chain=prerouting disabled=no dst-port=80 new-routing-mark=http passthrough=yes protocol=tcp
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.7.1 routing-mark=http scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.7.1 scope=30 target-scope=10[/b]
now on the untangle box i have issued the command:
route add -net 192.168.99.0 netmask 255.255.255.0 gw 192.168.7.5 dev eth1
and after all this untangle still shows 192.168.7.5 and NOT the user IPs.
Am i missing something here – is this even a do’able thing?
]