Hi there
I am using squid 2.6.STABLE5 that comes in debian etch
We just installed a VPN and noticed a slow speed, so just added a second adsl
connection straight to the lans swith and added it to the clients gateway
configuration.
I want to redirect the vpn servers http traffic to that new router and keep the
first adsl connection just for the vpn.
squid is running on the vpn server currently, and I have this to redirect 80 to
3128 for transparent squid
iptables -t nat -A PREROUTING -i eth1 -s 192.168.2.0/24 -p tcp --dport 80 -j
REDIRECT --to-port 3128
It works, but the problem is that, squid itself is going into the vpn and
through the first adsl connection for the internet, and not to the second adsl
connection.
looking at squid.conf I tried
dns_nameservers 192.168.2.254 # ip for the second adsl router
but squid is just getting dns from there, but all http traffic is still going
in from the first router sharing traffic with the vpn
then, I tried to run this from the vpn server
iptables -t nat -A POSTROUTING -o eth0 -p tcp --dport 80 -d 192.168.1.254
but I dont see it working as expected.
I guess another option is to add a third nic to the vpn server and route :80
from squid to it?
or maybe using another linux server to run squid in it, I still need an
iptables rule to sent traffic from the vpn server to the new one.
If you can help me with any of the options mentioned, or another you believe is
better, I will greatly appreciate it
thanks
btw this is a small diagram of the current setup, just dont rant too much about
security lol
[LAN] --- [SWITCH] --- [OPENVPN & SQUID] ---[ADSL 1] -- [INTERNET]
|
[ADSL 2]
|
[INTERNET]
____________________________________________________________________________________
Be a better Globetrotter. Get better travel answers from someone who knows.
Yahoo! Answers - Check it out.
http://answers.yahoo.com/dir/?link=list&sid=396545469
