NethServer 7.4 Transparent SSL Mode Problems

squid
proxy
v7

(IP Team Six) #1

Hi Guys.

We are testing the NethServer solution, it looks amazing what you guys have done so far !

The issue we are facing off is a little be tricky

On our lab we have:

DELL Server R720 RAID

As a main OS we run vSphere ESXi 6.5

Nethserver runs as a virtual machine.

Server is connected to a MikroTik Routerboard on Port ethernet1 (Server) From ether2 (MikroTik RB)

The problem is, we kinda need to set the NethServer as a Transparent Proxy SSL so we won’t have to install CA to any clients, our lab has 5 Laptops for test purposes.

Ever since NS 7 got out I’ve reading about squid peak and splice solution so you won’t need to get to install any CA to Costumer Browser.

What we need to accomplish is:

Get to work NethServer 7.4 with our MikroTik I’m aware we need tu setup rules on MikroTik in order to NAT or redirect all traffic from NS7 to Test Laptops.

So, if you guys can give a straight example of the NS7 running wiht MikroTik I’d appreciate it

Thanks in advanced

Michael


(Alex Carvalho) #2

Have you tried putting the VM card in promiscuous mode?


(IP Team Six) #3

Thanks for reply Alex

Well I’ve been diggin way to deep and seems like I got the solution, how ever I got problem with the NS7, not sure if Transparent mode SSL is caching content. Mind if you take a look ?


(Filippo Carletti) #4

http traffic can be cached (subject to having enabled cache in the configuration page)
https traffic can’t be cached, it’s encrypted, the proxy can’t see what’s inside the connection.


(IP Team Six) #5

How about the Peak and Splice workaround ?


(Alessio Fattorini) #6

Hi Michael, welcome here!
What do you mean? Could you add more details?