Welcome, Guest. Please login or register.
Did you miss your activation email?
Sunday 10 November 2024, 05:40:07 pm

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14250 Posts in 4377 Topics by 6515 Members
Latest Member: hulteends
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  Separate IP subnets proxy through separate Uplinks (Gateways)???
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Separate IP subnets proxy through separate Uplinks (Gateways)???  (Read 25492 times)
Wesley.Ibound
Jr. Member
*
Offline Offline

Posts: 4


« on: Tuesday 10 May 2011, 05:46:34 pm »

Hi All,

New to this, have a quick Q?

i have two gateways set up on Router - 192.168.88.1/24 & 192.168.77.1/24
Endian has two uplinks setup - Main Uplink = 192.168.88.1 , Secondary Uplink = 192.168.77.1

(Endian is set up in Transparrent proxy mode)

Network layout is - ISP->Router->Endian-> LAN

Now when i set myself up static on 192.168.88.0/24 range or 192.168.77.0/24 range on lan side, every thing works like it should right, caching working aswell.
this all is coming out Main Uplink.

what i would like to do now is route all HTTP traffic though Secondary Uplink, which is done though routing policy or routing table.
this works.... But,

Problem...

Proxy is still caching though Main uplink and not caching the HTTP traffic from Secondary uplink

How do i get the Proxy to cache off of that specific uplink(gateway) for that specific subnet???

any ideas would be greatfull.
Logged
Wesley.Ibound
Jr. Member
*
Offline Offline

Posts: 4


« Reply #1 on: Wednesday 11 May 2011, 08:59:16 pm »

any one out there?
Logged
Wesley.Ibound
Jr. Member
*
Offline Offline

Posts: 4


« Reply #2 on: Wednesday 11 May 2011, 11:44:17 pm »

maybe this explains it better...

What we are trying to do is transparently cache traffic for two separate IP subnets with different gateways. Is this possible?
Our problem is that the proxy always pulls from the first (default) uplink's gateway. We want traffic from the 77 ip range to go out on its own gateway from the cache.

This is our network layout.

ISP/Router            <->            Endian                          <->    Local Network
Gateway               <->   Nic0+Nic1 Bridged                 <->    Client
192.168.88.1        <->  UPlink1  192.168.88.15          <->    192.168.88.25 (any ip for client on subnet 88)
192.168.77.1        <->  UPlink2  192.168.77.15          <->    192.168.77.25 (any ip for client on subnet 77)

We've also tried adding a routing rule to force the 77 ip range traffic to go out uplink 2 that we've created.
Logged
jantram
Jr. Member
*
Offline Offline

Posts: 7


« Reply #3 on: Friday 13 May 2011, 12:26:31 am »

I think you need to look at policy based routing, I am just re-merging my 3 uplinks and 4 or 5 LAN segments, so I'm doing the same sort of thing. ( Though w/o any proxy process, just traffic direction. )

Logged
bkarankar
Full Member
***
Offline Offline

Posts: 33


« Reply #4 on: Friday 13 May 2011, 09:56:00 pm »

simply defile/add the route..

it will auto accept relative policy....
Logged
Alishba
Full Member
***
Offline Offline

Posts: 12


« Reply #5 on: Monday 16 May 2011, 08:10:33 pm »

Dashquid
fatlossprofessional.co.uk
fatlossprofessional
mobilehelper
securetrip
whichpetcover
google
abc
facebook
craigslist
Logged

Wesley.Ibound
Jr. Member
*
Offline Offline

Posts: 4


« Reply #6 on: Thursday 19 May 2011, 06:08:15 pm »

The routing policy works, i can forward all traffic from subnet 88 through gateway 88.1, and all traffic from 77 subnet through gateway 77.1.

the problem is that what ever the default gate way is that is where the proxy pulls cache from, i want the proxy to pull cache from the correct gateway for that subnet.

get what i mean?
Logged
lucianovs
Jr. Member
*
Offline Offline

Posts: 4


« Reply #7 on: Thursday 07 July 2011, 10:14:31 am »

Hi,

You need create a firewall rule SNAT.

SOURCE      PORT              GATEWAY
77               any or 80        gw1
88               any or 80        gw2


All Traffic from 77 goes to gw1 and All traffic from 88 goes to gw2.....BUT, if you are using PROXY, all port 80 is redirect to proxy and the traffic doesn´t go out using the rule SNAT, always goes to default gw, you need create a other RULE:

SOURCE                          PORT           GATEWAY
IP_RED_INTERFACE            80                 GW2 or other link you want go out the web.

A think this can help a little bit.

               
Logged
bkarankar
Full Member
***
Offline Offline

Posts: 33


« Reply #8 on: Thursday 15 September 2011, 10:46:24 pm »

simply defile/add the route..

it will auto accept relative policy....

yehhh, i m working on efw from last 5 years.
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.078 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com