Solved

Best open srouce Transperent Proxy to be used along with Cisco ASA5505

Posted on 2014-09-11
5
196 Views
Last Modified: 2014-10-20
Hi Experts,

My set up would be as follows;


```````````````````````````````````````````````````````````````
Public <<>> Cisco ASA <<>> (eth0)Transparent Proxy(eth1) <<>> Client
                                                                                                             >> Server(HTTP)
```````````````````````````````````````````````````````````````

`````````````````````````````````````
ASA outside: x.x.x.x
ASA inside: 192.168.1.254

Proxy eth0: 192.168.1.253
eth0 gateway: 192.168.1.254
Proxy eth1: Bridge

Client IP: 192.168.1.10
Client Gateway: 192.168.1.254
DNS: Internal DNS server + ISP DNS

Server IP: 192.168.1.11
Server Gateway: 192.168.1.254
DNS: Internal DNS server + ISP DNS
````````````````````````````````````
My requirements:
1. Client should be able to brows the Internet through the proxy
2. HTTP traffic should be able to forward to the internal web server

I have tried several open source products such as Zentyal, Untangle, but so far it's didn't work.
Can you please advise me on this ? Any recommendations/Howtos on anything products ?

Thanks a lot for your time !
0
Comment
Question by:Shakthi777
5 Comments
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 250 total points
ID: 40318751
If it were my project, I would buy Websense - and itegrate that with the ASA (I do like websense,  but some find it a little expensive) the ASA traditionally only supports N2H2 and Websense, but that does NOT stop you deploying another proxy filtering solution behind the firewall and pointing your internal clients at that.

I'd NOT recommend anyhting WCCP based, they always tend to be a bit clunky (sorry Cisco).

PL
0
 
LVL 2

Accepted Solution

by:
vpnttg earned 250 total points
ID: 40318911
Please check “Cisco ASA and Squid with WCCP2”:
http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoAsaWccp2
0
 
LVL 11

Expert Comment

by:sumeshbnr
ID: 40318947
Please describe HTTP traffic should be able to forward to the internal web server .It is not clear
0
 
LVL 7

Expert Comment

by:unfragmented
ID: 40318963
seconding squid and wccp.  For free/open source its pretty hard to beat.
0
 

Author Closing Comment

by:Shakthi777
ID: 40391409
Thanks !
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco WRVS4400N 11 38
nested esxi, NIC issues 1 34
Diagnosing Ethernet network problems on Windows 2012 R2? 3 51
software inventory tools 3 40
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question