VLAN, Transparent Proxy

WinGate Proxy Server and other Qbik products

Switch to full style
Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems
Post a reply
sroghen
  • sroghen
  • Posts: 3
  • Joined: Oct 16 06 5:06 am

VLAN, Transparent Proxy

Oct 16 06 5:13 am

Hi,
I have several VLANs in my network.
Asuming WinGate on VLAN 1 (native), dept1 on VLAN 2 and dept2 on VLAN3.

Is it possible to:
Monitor and restrict users in dept1 to certain websites through the proxy without any configuration done to the browser. Give dept2 users full access to internet but still log their access with no configuration on browser
(Users on Linux and windows, some also on Terminal server.). What configuration to set?
adrien
  • adrien
  • Posts: 5448
  • Joined: Sep 03 03 2:54 pm
  • Location: Auckland
  • Website

Oct 16 06 10:30 am

If these VLANs are also on different IP subnets, then you can use IPs in the policies to handle what you want.

WinGate policies are additive - each policy you add grants something more access.

so for instance if VLAN1 was 192.168.0.x, VLAN2 was 192.168.1.x etc then you could have policies in the WWW proxy like

1. Everyone, user may be guest
Location:
included: 192.168.0.*
Advanced tab:
Filter 1
site contains "allowedsite1"
Filter 2
site contains "allowedsite2"
Filter 3
site contains "allowedsite3"
etc

2. Everyone, may be guest
Location
included: 192.168.1.*

Enable transparent proxy in the WWW proxy.

Adrien
sroghen
  • sroghen
  • Posts: 3
  • Joined: Oct 16 06 5:06 am

Oct 16 06 5:54 pm

Thanks Adrien for your reply.

That is correct VLAN1 and VLAN2 are different subnets.

So thats one issue resolved, I can control internet access based on IP address/subnets.

1. Transparent proxy. This is one of the most important aspect. We do not want to configure each and every user's browser settings to go through the proxy. The server must be plug & play.

From your response, do I gather that enabling transparent proxy will do what I want?

2. How will the network setting be?

LAN -->SWITCH --> HUB --> WINGATE & INTERNET GATEWAY (ADSL ROUTER)

Will the above be appropriate?

Regards
Roghen
sroghen
  • sroghen
  • Posts: 3
  • Joined: Oct 16 06 5:06 am

Oct 19 06 1:25 am

Anyone?
adrien
  • adrien
  • Posts: 5448
  • Joined: Sep 03 03 2:54 pm
  • Location: Auckland
  • Website

Oct 19 06 10:23 am

Hi

That should work.

Transparent proxy is enabled in the WWW proxy on the sessions tab.

As for network configuration, you normally get better control if WinGate has 2 interfaces - 1 to the LAN and 1 to the Internet, but WinGate will do NAT and transparent proxy even with only one interface.

Adrien
Post a reply
Switch to full style

Powered by phpBB © phpBB Group.

phpBB Mobile / SEO by Artodia.

Board index