Currently, all the windows/linux/mac servers/machines behind our dept 2911 have proxy setup individually. (In browsers, etc).
With all the complaints about having to put customize each machine, I did some research.
Then I learned about "transparent proxy"
(1) So you can run web-squid on router and on a linux box?
(2) Can we achieve that with 2911(with PBR) or need WSA and a server to act as L4 switch?
Goal: I don't want end-clients to have any more configs beside default gw.
Thank you and http is running per below:
s#show adjacency tunnel 0 detail
Protocol Interface Address
IP Tunnel0 10.4.1.12(3)
16 packets, 1376 bytes
sourced in sev-epoch 35
Encap length 28
Next chain element:
IP adj out of GigabitEthernet0/2.10, addr 10.4.1.12
But now how do I put https through it as well?
Guides say I need to create CA and do all that SSL proxying. But I don't need to decrypt or intercept. Can I somehow put 443 behind 80?
Thanks a lot!
You could also consider using WPAD if you have an internal HTTP server and internal DNS.