I’ve got a network set up with a number of VLANs, the guest VLAN being 70 and would like to route all traffic on this network via the new Squid Web Proxy which we have just built. All other clients connect through a different proxy so we just want the redirection to be for this specific VLAN.
We currently use the Mikrotik RB for handling the hotspot and userman for the tickets so any advice on how I can configure this would be greatly appreciated. We would also like all traffic on this network to route via our second ADSL gateway (gateway2) to separate it away from our corporate gateway (gateway).
Specific data:
Mikrotik IP Address: 10.10.70.1 (Guest VLAN)
Squid IP Address: 10.10.30.67 (Server VLAN)
Guest IP Range: 10.10.70.10-254/24
Any more detail that I need to provide please let me know.
For a transparent proxy (I’m assuming that’s the setup you want since you didn’t specify otherwise) just place a specific NAT rule for that subnet for them. It will have to be higher up in the NAT rules than your proxy rule for the rest of the network, or that rule will have to be narrowed down to exclude this one:
Then you will just need to specify a policy routing to send all traffic from the squid box out of the second DSL line along with the correct NAT rule and you should be set to go. For this to work, Squid will need to be set in transparent mode as well, and a transparent proxy can only proxy HTTP traffic, not HTTPS.