Setting up a transparent proxy

I am looking at setting up some kind of visitor wireless access for our company; however, our internet connections all run through an external proxy.

After many wasted hours explaining to visitors how to enter the proxy settings before they can connect to the web, I feel it is time to look at a solution which is a bit simpler from the end user's point of view.

My initial idea was that I could just buy a WAP which allows me to select the proxy server, but in reality this seems to be quite a rare or expensive option (I have had previous experience using a ZyAIR G-4100 for something similar, but this was quite unreliable).

From a bit of research, the most popular answer seems to be setting up a transparent proxy using an Ubuntu box running Squid between the modem and the switch.

Does this sound like the most sensible idea or am I overcomplicating things?

Edit: Forgot to mention that my other problem is that I am locked out of the router too, so I am unable to play about with creating separate subnets that bypass the proxy.


I'm entirely sure I understand your layout, but if you just want to give your visitors Internet access (and don't care if they use a proxy at all), why not just add another leg to your edge firewall/router (assuming it can do that) and bridge the wi-fi router onto that leg and route/filter accordingly?

                 Edge firewall/router: drop src 192.168.2.0 dst 192.168.1.0
[ eth0 LAN:192.168.2.1/24 | eth1 Guest:192.168.2.1/24, running DHCP for this network]
    |                         |      
    |                         |      
    |                         |      
 {your LAN}               [wi-fi bridged router (plugged into switch ports, not WAN;DHCP     
                           disabled)]
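
The guest leg described in the answer above, sketched as an nftables ruleset. This is an added example, not part of the original answer: it assumes a Linux-based edge router, a WAN interface named eth2 (hypothetical), and that the LAN is 192.168.1.0/24, as the destination of the diagram's drop rule implies.

```nftables
#!/usr/sbin/nft -f
# Constructed example. Interface names eth0/eth1 follow the diagram; eth2 (WAN)
# and the LAN subnet 192.168.1.0/24 are assumptions, not values from the post.
define LAN_IF    = "eth0"
define GUEST_IF  = "eth1"
define WAN_IF    = "eth2"
define LAN_NET   = 192.168.1.0/24
define GUEST_NET = 192.168.2.0/24

table ip guest_isolation {
    # Traffic routed THROUGH the edge box.
    chain forward {
        type filter hook forward priority 0; policy drop;

        ct state established,related accept
        ct state invalid drop

        # Only guest-range source addresses may arrive on the guest leg.
        iifname $GUEST_IF ip saddr != $GUEST_NET counter drop

        # The rule from the diagram: guests never reach the LAN.
        ip saddr $GUEST_NET ip daddr $LAN_NET counter drop

        # Both legs may go out to the Internet.
        iifname $GUEST_IF oifname $WAN_IF accept
        iifname $LAN_IF   oifname $WAN_IF accept
    }

    # Traffic addressed TO the edge box itself. The forward-chain drop does not
    # cover this, so guests could otherwise reach the router's admin services.
    chain input {
        type filter hook input priority 0; policy drop;

        iifname "lo" accept
        ct state established,related accept

        # Guests get DHCP and DNS from the router, nothing else.
        iifname $GUEST_IF udp dport { 53, 67 } accept
        iifname $GUEST_IF tcp dport 53 accept

        # Management stays reachable from the LAN side only.
        iifname $LAN_IF accept
    }
}
```

The `counter` statements make blocked guest-to-LAN attempts visible in `nft list ruleset`. This table filters IPv4 only, so IPv6 forwarding needs its own equivalent rules if it is enabled.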