Sorry for leaving this unattended, I was doing other tasks. Right now my NS7 proxy works like a charm, tough I’m having an issue with whatsapp been able to bypass proxy, but I set firewall rules to deny use of whatsapp to a limited number of terminals.
Right now my NS7 proxy server has 2 NIC, eth0 is green and eth1 is red. My proxy setup is set to Manual to both green and blue zones. This setting has some limitations, since my company has 2 shift, I cannot know which user browsed which URL. Not all my terminals (smartphones, industrial PC and the like) are domain joined. @mrmarkuz you suggest me to put this terminals to blue zone, I assume that you are telling me to create a new logical interface, presumingly a VLAN on eth0. However, I have some doubts, I need those terminals to be on my subnet (192.168.9.0/24) as I have other services beside proxy (ERP, mail …), I only setting this because most smart-phones don’t have a way to set up an authenticated proxy.