I emailed about this once in the past, not sure I got a real definitive answer, so I dropped it, but not I would like to implement this.
We use Squid utilizing WCCP, currently just service cache (port 80) redirection. I would like to redirect 443 to the squid proxy as well (I know you cant cache it). I just want squid to make the request on behalf of the employee, so I can also log https visits. So for example, I could block access to lets say www.microsoft.com using squid and employees would get blocked cause port 80 is redirected via wccp to the proxy server, but they could visit https://www.microsoft.com because its not configured to go to the proxy via wccp. I understand we need to configure the router, but what different should be don on the proxy server? We have the correct iptables rules setup to dnat port 80 to 3128, I assume this is not as easy as doing a 443 to 3128. Regards, Nick
