I’m trying to accomplish the following. Normally clients with IP addresses like 192.168.15.222 are not able to browse the Internet. There is just one IP (192.168.13.31) able to access the Internet.
I have a network 192.168.15.0/24 with Windows clients using a Linux box 192.168.13.31 as gateway. On the Linux box I configured SNAT using iptables like this:
Iptables –t nat –A POSTROUTING –p TCP –s 192.168.15.0/24 --dport 80 –j SNAT --to 192.168.13.31
After that I configured masquerading on the Astaro box and the windows clients can browse the Internet with IP 192.168.13.31. Everything works fine so far.
Now, I would like to use the ASL HTTP Proxy for these clients as well.
Astaro has a HTTP Proxy installed on port 3128 using user authentication. (I can not use a transparent proxy).
How can I DNAT all packages coming from 192.168.13.31 port 80 to the firewall proxy? I created the following rule:
Proxy_DNAT 192.168.13.31 -> All/HTTP None internal_Interface/SQUID_3128
While browsing from a Windows client to Goggle, I’m receiving the following error message:
While trying to retrieve the URL: /
The following error was encountered:
· Invalid URL
Some aspect of the requested URL is incorrect. Possible problems:
· Missing or incorrect access protocol (should be `http://'' or similar)
· Missing hostname
· Illegal double-escape in the URL-Path
· Illegal character in hostname; underscores are not allowed
I know there is an easier way the realize my plan, but I have some retractions I cannot get rid off. What did I wrong? Any suggestions?
This thread was automatically locked due to age.
