Greetings everyone. I am trying to figure out how one would set up an inline filtering appliance with an RB1200 in a somewhat unusual manner. This particular device has only one IP address assignable to it and has two physical ports (ingress / egress), which, if I understand correctly, means that it is internally bridging the two physical ports.
My thoughts are:
- utilize two ports on the RB1200 to cable the ingress and egress ports of the filter
- mark specific traffic via mangle and routing rules to go through this device
If possible, I could then be selective on what traffic is diverted through it rather than physically placing / cabling it either before the router LAN port(s) or after the WAN port as it would normally be.
I have configured a setup prior to this using a Squid transparent proxy along with mangle/routing marks, but in that case I could assign different IP addresses / subnets to the interfaces, whereas in this case I am stuck with the single bridged IP of the appliance.
Has anyone attempted such a setup or would anyone care to speculate on how I might be able to accomplish this? My thanks in advance to any replies.