Without even knowing it, most of us are using web applications on a daily basis. Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We often confuse these web applications tools for websites. So, what is the difference?
Solved
Different Gateways for Data and Internet Traffic (web proxy)
Posted on 2013-01-08
Hi,
i would like to change data and Internet traffic by adding different gateways.
current network setup:
- internet is connected to firewall outside interface (122.133.121.120)
- firewall Inside interface (192.168.10.254 ) is connect to L3 (HP Procurve) swithch (192.168.10.1 ) and (192.168.20.1 - LAN)
- we have vlans configured on L3 switch and L3 switch is acting as Gateway for LAN machines.
- firewall LAN interface (192.168.10.1) is acting as GW for L3 switch.
* All data (vpn also) and internet traffic is passing through L3 and then Firewall at this moment.
- I configured Proxy server using TMG. ( TMG lan interface is having 192.168.20.2 without Gateway and WAN interface is having Public IP address.
i like to add routes as below:
1) All IP/Data traffic ( or ) traffic coming from 192.168.20.0 should pass through 192.168.20.1.
2) remaining all traffic (internet ) should pass through Proxy Server (TMG).
we are using HP Procurve 2910al switch.
much appreciate if any body help me to setup.
many thanks.
i would like to change data and Internet traffic by adding different gateways.
current network setup:
- internet is connected to firewall outside interface (122.133.121.120)
- firewall Inside interface (192.168.10.254 ) is connect to L3 (HP Procurve) swithch (192.168.10.1 ) and (192.168.20.1 - LAN)
- we have vlans configured on L3 switch and L3 switch is acting as Gateway for LAN machines.
- firewall LAN interface (192.168.10.1) is acting as GW for L3 switch.
* All data (vpn also) and internet traffic is passing through L3 and then Firewall at this moment.
- I configured Proxy server using TMG. ( TMG lan interface is having 192.168.20.2 without Gateway and WAN interface is having Public IP address.
i like to add routes as below:
1) All IP/Data traffic ( or ) traffic coming from 192.168.20.0 should pass through 192.168.20.1.
2) remaining all traffic (internet ) should pass through Proxy Server (TMG).
we are using HP Procurve 2910al switch.
much appreciate if any body help me to setup.
many thanks.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
6
5
4
15 Comments
I think you just need to apply a proxy to all the clients (either by gpo or manually)
and point that to the TMG.
and point that to the TMG.
Thanks for quick response,
but, what about websites running between VPN's . can we still access those sites,if i use GPO for poxy.
but, what about websites running between VPN's . can we still access those sites,if i use GPO for poxy.
i think it would be easy, if we route traffic on L3 switch right.
no need to make changes in GPO and we leave by configuring Transparent Proxy.
Thanks,
no need to make changes in GPO and we leave by configuring Transparent Proxy.
Thanks,
Active 1 day ago
You should be able to set the default route to 192.168.20.2 (the TMG proxy) and then setup routes for all other subnets pointing to 192.168.20.1.
This assumes that the TMG box is configured so that it will act as a transparent proxy and a router/GW at the same time.
This assumes that the TMG box is configured so that it will act as a transparent proxy and a router/GW at the same time.
Thanks for response,
i got it. but,
i used the following commands
- ip route 192.168.0.0 255.255.255.0 192.168.20.1 ( for data and internal websites)
- ip route 0.0.0.0 0.0.0.0 192.168.20.2 ( for internet )
these commands didn't worked for me.
can you tell me commands or any example commands for my setup.
Thanks
i got it. but,
i used the following commands
- ip route 192.168.0.0 255.255.255.0 192.168.20.1 ( for data and internal websites)
- ip route 0.0.0.0 0.0.0.0 192.168.20.2 ( for internet )
these commands didn't worked for me.
can you tell me commands or any example commands for my setup.
Thanks
Active 1 day ago
I re-read your question.
First please do answer setasoujiro's questions.
Second, you posted these two requirments:
1) All IP/Data traffic ( or ) traffic coming from 192.168.20.0 should pass through 192.168.20.1.
2) remaining all traffic (internet ) should pass through Proxy Server (TMG).
What do you mean by "IP/Data" and "Internet"? "Internet" is not a type of traffic, the type of traffic on the Internet is "IP" and typically carriers data.
Routing tables send things based on the IP address of the destination, not based on the type of traffic and the destination.
First please do answer setasoujiro's questions.
Second, you posted these two requirments:
1) All IP/Data traffic ( or ) traffic coming from 192.168.20.0 should pass through 192.168.20.1.
2) remaining all traffic (internet ) should pass through Proxy Server (TMG).
What do you mean by "IP/Data" and "Internet"? "Internet" is not a type of traffic, the type of traffic on the Internet is "IP" and typically carriers data.
Routing tables send things based on the IP address of the destination, not based on the type of traffic and the destination.
sorry,
Data traffic is ok.
but,
unable to access local sites (inter-company) and internet is also not working.
Data traffic is ok.
but,
unable to access local sites (inter-company) and internet is also not working.
the other sites connected over vpn... shouldn't they be included in your routes?
It seems to me they are included in the 0.0.0.0 and that won't work.
It seems to me they are included in the 0.0.0.0 and that won't work.
Active 1 day ago
Are there other IP subnets on your internal network?
If so, then you need static routes defined pointing to the the correct router/GW. 192.168.20.1?
If so, then you need static routes defined pointing to the the correct router/GW. 192.168.20.1?
If data traffic is working through .2, then this would be fine.
but as i said you would need to add the other sites as well in the routing table. Otherwise it will go to the TMG.
And for the "internet", are you sure the correct route is followed? do a traceroute and see what happens?
but as i said you would need to add the other sites as well in the routing table. Otherwise it will go to the TMG.
And for the "internet", are you sure the correct route is followed? do a traceroute and see what happens?
Featured Post
With the increasing importance of apps & networks in both business & personal interconnections, perfor. has become one of the key metrics of successful communication. This ebook is a hands-on business-case-driven guide to understanding MySQL query parameter tuning & database perf
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
When you try to share a printer , you may receive one of the following error messages.
Error message when you use the Add Printer Wizard to share a printer:
Windows could not share your printer. Operation could not be completed (Error 0x000006…
WARNING:
 If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!!
I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special.
It's completely agentless, but does let you create an agent, if you desire.
It offers powerful scalability …
Suggested Courses
Course of the Month9 days, 15 hours left to enroll
722 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.