Configurating proxy bypass in a router
I'm embarking on this myself and as I understand it we need
- router redirects packets to proxy
- proxy accepts packets and handles them
and there are two ways this is normally done:
- router and proxy are the same machine, and packet redirection is fairly trivial
- router and proxy are different boxes, both must talk WCCP or equivalent, and it's harder
You and I are both in camp 2, and your network topology matches what I've seen (under WCCP2, the "VPN Access" is implemented using a GRE tunnel from the router to the proxy). I have a Cisco 800-series that has WCCP built-in; like my soon-to-be-decommissioned Billion, your TP-Link may not. The proxy server also needs to understand whatever WCCP-or-equivalent the router talks. Squid-on-Linux is apparently easy to set up to do this; I can't speak for any other environment.
As I proceed with my implementation I'll update this answer to reflect that progress.
Update as promised:
Sadly I can provide no further clarification, as I've aborted this implementation:
thanks to a new employer I've got a faster Internet link;
the Cisco's 100Mb/s ports are now Too Slow;
it's simpler to just have every device fetch direct every time; and
there's now no user-visible benefit from a local caching proxy.
When technology or my circumstances next change significantly I'll revisit the question.
Related videos on Youtube
Pedro Mendes
Updated on September 18, 2022Comments
-
Pedro Mendes over 1 year
The issue is this:
I have a private network that uses a proxy server: proxy.address.com port:8080 in order to enable internet access to the hosts.
The thing is that i need to give internet access to some devices (tablets,smartphones) that do not allow proxy configurations.
What i intend to do is to configure the proxy (proxy.address.com:8080) somewhere in the router (TP Link WR740N) so that the hosts accessing the network do not have to use the proxy configurations!
network topology:
wifi client -- > router --> LAN --> VPN Access <--> VPN Access --> Proxy Server >> INTERNET
Is this possible?
If not possible tell me why please...