Through GPO, all Windows devices are set up to use a proxy for internet access. Some random non-Windows devices don't use the proxy. I believe the non-Windows devices are accessing the internet via a default route in the main router to the MPLS cloud. Either way, the devices all go out through our bonded T1 connection, thus consuming our bandwidth.
This bandwidth is also used by all our remote offices to come in across the MPLS network. The remote branches all use Citrix, but there is one regular PC at each branch that does need access to the internet. Currently the PCs do have access to the internet, but I haven't been at a remote branch to see how they are configured.
What I want to do:
At times the internet usage is very high, and I don't like how random non-Windows devices bypass the proxy. I've cached key used websites on our ISA Proxy and have all software updates scheduled for 3 AM. I have a FIOS 25Mb/s connection I use at night for backups. What I'd like to do is route all internet traffic first to the proxy and then out the FIOS.
How I plan to do this:
1) All of our internal and remote locations use the IP range 10.0.0.0/8, so verify there are routes in the main router to access the remote sites.
2) Make a default route in the main router to our ISA Proxy.
3) Change the settings for the External NIC of the ISA Proxy for the new FIOS connection.
4) Move the external network cable connected to the ISA Proxy from the bonded T1 router port to the new FIOS router.
5) Test access to internal web based apps and test access to key websites used by the company.
My major concern is that the ISA Proxy and all workstations are connected to the same large switch that in turn is connected to one router. I'm not sure if I can have a default route in the main router go to a switch interface instead of an interface on the router as it does now.
What do you all think?
I'm new to this Cisco world, about 4 months now. Thank you for all your support!
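A model of steps 1 and 2 of the plan above, added here as an illustration and not part of the original post: it checks which route each destination takes once the default route points at the proxy, and whether the default route's next hop sits on a directly connected subnet. Every prefix and address except 10.0.0.0/8 is a constructed assumption, as are the route labels.

```python
import ipaddress

# Constructed sample table for the main router: (prefix, next hop, label).
# All values are hypothetical; the post only states that sites use 10.0.0.0/8.
ROUTES = [
    ("10.1.0.0/16", "connected", "hq-lan"),
    ("10.2.0.0/16", "10.255.0.2", "mpls-branch-a"),
    ("10.3.0.0/16", "10.255.0.2", "mpls-branch-b"),
    ("10.255.0.0/30", "connected", "mpls-link"),
    ("0.0.0.0/0", "10.1.0.10", "isa-proxy"),  # step 2: default route to the proxy
]
DEFAULT = "0.0.0.0/0"


def lookup(routes, dst):
    """Longest-prefix match: label of the most specific route covering dst."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, _hop, label in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, label)
    return best[1] if best else None


def next_hop_connected(routes, label):
    """True if the named route's next hop lies inside a connected prefix."""
    hop = next(h for _p, h, lbl in routes if lbl == label)
    addr = ipaddress.ip_address(hop)
    return any(h == "connected" and addr in ipaddress.ip_network(p)
               for p, h, _lbl in routes)


def sites_missing_route(routes, sites):
    """Step 1: sites with no specific route, which would follow the default."""
    specific = [ipaddress.ip_network(p) for p, _h, _lbl in routes if p != DEFAULT]
    return [s for s in sites
            if not any(ipaddress.ip_network(s).subnet_of(n) for n in specific)]
```

In this model, a 10.x site without its own route is handed to the proxy along with internet traffic, which is the failure that step 1 is meant to catch before step 2 is applied.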