On 10/29/2013 06:30 PM, WorkingMan wrote:
The short answer is I need a transparent proxy (url rewrite and traffic inspection) behind VPN (going for the security not for speed; cache will not be used; proxy only).
This is maybe squid area
Amazon VPC - 10.0.0.0/16 (subnet goes under that CIDR)
VPN client - ex: iPhone (10.100.0.0/16 virtual pool)
vpn - 10.0.1.2
squid - 10.0.1.3 (in practice it would go under 10.0.2.0/24 and use NAT to go to WAN but for making this simpler I use the same subnet)
I am not very good with Linux networking so I think most of the issue is with networking and routing.
Not related to squid but a tiny leap to help with can happen.
My first attempt using VPC with this setup ended up with VPN client not able to access anywhere. I suspect routing was not correct because I can see DNS request and answer and some traffic going to the web site but there is no response coming back to the client.
Masquerade is what you are looking for (iptables and MASQUERADE).
I am using (similar steps in both guides):
http://www.tldp.org/HOWTO/TransparentProxy-6.html
http://lartc.org/howto/lartc.cookbook.squid.html
I am in the process of reconfiguring from scratch. If you have a sure way of making this work let me know. Basically VPN setup is not an issue but routing traffic to remote SQUID server and back is something that I am not able to do successfully.
Depends on the VPN client. What VPN client have you used until now?
Eliezer