NethServer 7.4 Transparent SSL Mode Problems

IPTeam_Six · March 2, 2018, 9:45pm

Hi Guys.

We are testing the NethServer solution, it looks amazing what you guys have done so far !

The issue we are facing off is a little be tricky

On our lab we have:

DELL Server R720 RAID

As a main OS we run vSphere ESXi 6.5

Nethserver runs as a virtual machine.

Server is connected to a MikroTik Routerboard on Port ethernet1 (Server) From ether2 (MikroTik RB)

The problem is, we kinda need to set the NethServer as a Transparent Proxy SSL so we won’t have to install CA to any clients, our lab has 5 Laptops for test purposes.

Ever since NS 7 got out I’ve reading about squid peak and splice solution so you won’t need to get to install any CA to Costumer Browser.

What we need to accomplish is:

Get to work NethServer 7.4 with our MikroTik I’m aware we need tu setup rules on MikroTik in order to NAT or redirect all traffic from NS7 to Test Laptops.

So, if you guys can give a straight example of the NS7 running wiht MikroTik I’d appreciate it

Thanks in advanced

Michael

alexcsilva · March 2, 2018, 10:22pm

Have you tried putting the VM card in promiscuous mode?

IPTeam_Six · March 2, 2018, 11:48pm

Thanks for reply Alex

Well I’ve been diggin way to deep and seems like I got the solution, how ever I got problem with the NS7, not sure if Transparent mode SSL is caching content. Mind if you take a look ?

filippo_carletti · March 3, 2018, 8:52am

http traffic can be cached (subject to having enabled cache in the configuration page)
https traffic can’t be cached, it’s encrypted, the proxy can’t see what’s inside the connection.

IPTeam_Six · March 3, 2018, 5:27pm

How about the Peak and Splice workaround ?

alefattorini · March 8, 2018, 2:21pm

Hi Michael, welcome here!
What do you mean? Could you add more details?