?
Solved

Trying to Use Vyatta as Transparent Proxy

Posted on 2011-03-15
3
Medium Priority
?
2,777 Views
Last Modified: 2012-05-11
Hello.

I am trying to set up a web filter on a network without modifying the addressing structure of my network. I would like to block workstations from accessing websites restricted by a Vyatta webproxy service. However, I do not want to manually configure the workstations.

In a test environment, I can use the Vyatta as a router and transparently perform url filtering and netflow statstics, however I can not wrap my head around how to make this work as a bridge. I have read the bridging is done at the network level but is there a way to simulate bridging using routing/NAT, etc. I would appreciate any help.

In the diagram, rtr address is 192.168.2.1
vyatta-transparent-filter.jpg
0
Comment
Question by:Hamptonite
2 Comments
 
LVL 11

Accepted Solution

by:
donmanrobb earned 2000 total points
ID: 35153015
It's simple enough to setup a bridge on vyata, for example

vyatta@R1# set interfaces bridge br0 address 192.168.2.22/24
vyatta@R1# set interfaces ethernet eth0 bridge-group bridge br0
vyatta@R1# set interfaces ethernet eth1 bridge-group bridge br0
vyatta@R1# commit

Would bridge eth0 & eth1 and give it an IP
0
 
LVL 71

Expert Comment

by:Qlemo
ID: 35373068
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question