I am using SoftEther as a VPN and Squid as a proxy.
I want to forward this VPN to the proxy and then to the internet.
My basic requirement is like this.
SmartPhone---->VPN--->Squid--->Internet
                        |
                        |
                        V
               internet access log
So far I have configured SoftEther VPN and it works as a normal VPN.
Squid is installed on the server and it works when connected to as a normal proxy.
I have tried to set iptables rules to forward VPN traffic to Squid (i.e. from port 80 to 3128 [Squid listening port]), but it didn't work.
I am not very experienced in this area, so I request you to help me find what I am doing wrong (or please let me know if this is not possible).
The VPN and Squid are configured in Amazon EC2.
Best Answer
I have this set up actually, took me a while to set up too...
If you're using OpenVPN you can use my up/down script for OpenVPN/squid. You'll also need to set up BIND to go through the VPN too:
Then create a folder called proxyoff inside /etc/squid. Then set up the scripts in OpenVPN:
You'll need iptables rules which control communication from squid and bind (you'll need to set up static routes for your VPN provider):
Add somewhere at the bottom of your http_access rules in squid, but BEFORE http_access deny all:
Also add, after http_port or after your http_access rules:
Set your nameservers so that they reflect a DNS server on the LAN which will go through the VPN or to an internet DNS server which'll go through the DNS by the iptables rules:
For example, I have my dns_nameservers as 3 Windows DNS servers which handle AD and then send any queries they don't know, back to BIND servers running on the same servers as the VPN.
Add a gateway failure for the localnet ACL in squid or rename the ACL and the ACL in the scripts:
Then just set up a proxy autoconfig:
Add this to /etc/named.conf under options (add forwarders to internet DNS servers but delete the root hints):
Add the VPN's IP to /etc/hosts:
And add the route:
You can see some of my other guides about proxying at https://pyronexus.com
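
The port 80 to Squid redirect the question describes, as an added example that is not part of the original question or answer. Squid only accepts redirected traffic on an `http_port` carrying the `intercept` flag, so this sketch uses a dedicated port 3129 next to the normal 3128. The interface name, client subnet, port 3129 and the function names are assumptions, and it also assumes the VPN hands client packets to the kernel through a tap device rather than a user-space NAT.

```shell
#!/bin/sh
# Added example (not from the original post). Builds the iptables rules that
# steer plain-HTTP traffic from VPN clients into a Squid intercept port.
# Matching squid.conf lines:
#   http_port 3128              # normal forward-proxy port
#   http_port 3129 intercept    # receives the redirected connections
VPN_IF="${VPN_IF:-tap_soft}"           # assumed tap device name
VPN_NET="${VPN_NET:-192.168.30.0/24}"  # assumed VPN client subnet
INTERCEPT_PORT="${INTERCEPT_PORT:-3129}"

valid_port() {
    # digits only, at most 5 characters, within 1..65535
    case "$1" in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_if() {
    # refuse names that could smuggle extra iptables arguments
    case "$1" in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
}

build_rules() {
    # $1 = VPN interface, $2 = client subnet, $3 = Squid intercept port
    valid_if "$1"   || { echo "bad interface: $1" >&2; return 1; }
    valid_port "$3" || { echo "bad port: $3" >&2; return 1; }
    # Only port 80 arriving from VPN clients is redirected; HTTPS is untouched.
    echo "iptables -t nat -A PREROUTING -i $1 -s $2 -p tcp --dport 80 -j REDIRECT --to-ports $3"
    # mangle runs before nat, so this drops only direct connections to the
    # intercept port (loop and abuse protection), not the redirected ones.
    echo "iptables -t mangle -A PREROUTING -p tcp --dport $3 -j DROP"
}

apply_rules() {
    # Dry run unless APPLY=1; applying requires root.
    build_rules "$@" | while read -r rule; do
        if [ "${APPLY:-0}" = 1 ]; then $rule; else echo "[dry-run] $rule"; fi
    done
}

apply_rules "$VPN_IF" "$VPN_NET" "$INTERCEPT_PORT"
```

Once the rules are applied, requests from VPN clients show up in Squid's access log with the client's VPN address.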