Welcome, Guest. Please login or register.
Did you miss your activation email?
Sunday 15 December 2024, 04:06:37 pm

Login with username, password and session length

Download the latest community FREE version  HERE
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  Transparent proxy and hotspot as gateway
0 Members and 5 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Transparent proxy and hotspot as gateway  (Read 22914 times)
ZannaC
Jr. Member
*
Offline Offline

Posts: 5


« on: Friday 13 April 2012, 05:39:40 am »

Hi, I configured Endian with one NIC to act as transparent proxy to log users activity.
The RED interface use as gateway the IP address of an AirLive hotspot.
If I turn off the user authentication of the hotspot all works fine, but when I turn on the AirLive user authentication (transparent proxy on port 2128), the AirLive Login page does not open!
Can anyone help me, please?
Thanks,

  Claudio
Logged
fqureshi
Sr. Member
****
Offline Offline

Posts: 126


« Reply #1 on: Friday 13 April 2012, 08:11:40 am »

Airlive might work on different port and as data traversed from green to red zone it is natted. This could be the reason. You must check on which port airlive listens for user authentication and then create a firewall rule. Is your outgoing firewall enabled under endian?
Logged
ZannaC
Jr. Member
*
Offline Offline

Posts: 5


« Reply #2 on: Friday 13 April 2012, 08:33:27 am »

Thanks for your response  Smiley
I try with or without outbound firewall enabled and it's the same... The AirLive hotspot act as a transparent proxy on port 2128, while Endian as transparent on port 8080... can you help me creating a firewall rule?
Endian use only one NIC, I configure RED as gateway and GREEN 192.168.0.2, the gateway is 192.168.0.254 (the AirLive) so I'm not sure there is a NAT, because (when I disable AirLive authentication so Internet can work) on Endian and on AirLive logs I can see the original Client IPs.
I had try using two nics for Endian and in this case all works well, but my problem is I need that AirLive hotspot see the original Client IPs and not the IP of Endian... anyway if you have some suggets to pass the traffic from GREEN nic to RED nic without NAT, I can try the two NIC solution...
Logged
fqureshi
Sr. Member
****
Offline Offline

Posts: 126


« Reply #3 on: Friday 13 April 2012, 09:06:32 am »

When you enable transparent proxy or authentication on airlive it means that it listens on 2128.
What i can suggest is under outbound firewall you can allow port 2128 without nat and see how it goes. Also when you enable transparent proxy in endian make sure 2128 port is allowed on clients under proxy management..
Logged
ZannaC
Jr. Member
*
Offline Offline

Posts: 5


« Reply #4 on: Friday 13 April 2012, 07:24:25 pm »

In the Firewall Outbound Traffic I open the traffic from green to uplink, port 2128 and it does not works... how can i tell Endian "No Nat"? Is the Allow IPs?
Logged
PSimon23
Jr. Member
*
Offline Offline

Posts: 1


« Reply #5 on: Friday 13 April 2012, 10:58:03 pm »

Similar subject was being discussed at yahoo answers last week. I can post the link if needed.
Logged

I'm on Twitter and my essay
ZannaC
Jr. Member
*
Offline Offline

Posts: 5


« Reply #6 on: Friday 13 April 2012, 11:59:57 pm »

Thanks PSimon23, I didn't find it... i'm very grateful if you can post the Yahoo Link...
Logged
fqureshi
Sr. Member
****
Offline Offline

Posts: 126


« Reply #7 on: Saturday 14 April 2012, 08:13:22 am »

You will find no nat in the firewall menu.. you have to create one rule in outgoing firewall and one in incoming (port forwarding)...
Logged
ZannaC
Jr. Member
*
Offline Offline

Posts: 5


« Reply #8 on: Saturday 14 April 2012, 09:01:53 pm »

Hi, I resolved connecting the Clients to the Hotspot, putting the AirLive hotspot in router mode (no NAT) and connecting the wan port of the hot spot to the green NIC of the Endian PC proxy (obviously I have to add in the Endian the static route for the internal LAN).
So, I can log the IP of the Clients and all works well!

Thanks for your cooperation  Smiley
Logged
fqureshi
Sr. Member
****
Offline Offline

Posts: 126


« Reply #9 on: Saturday 14 April 2012, 09:43:39 pm »

Glad to know :-)
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.094 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com