My company uses an HTTP Proxy, so I had to configure several config-files of my tools to access the internet via the the Proxy.
When users are at home, they won't be able to use that proxy (except when they use the VPN connection). Is it possible to simulate that proxy (same address, same port) but using the direct home connection of users?
Are there any better ways to handle this kind of proxy / mobile user situation?
Best Answer
I'm guessing that you're carrying a laptop home from work (and carrying home this proxy configuration with you).
If you control your own router and DNS server at home you can pull this off pretty easily. If not, then you might be better off just unconfiguring the proxy when you're home.
You'll need a proxy to use. If you've got a spare box to put Linux on at home, you can spin up something like IPCop Linux or any number of other small Linux distros that come with the Squid Cache proxy. Be sure that you've got Squid enabled and working before you proceed.
If you refer to the proxy by DNS name (i.e. "proxy.company.com") then you'll need to get that name to resolve on your home LAN. The easiest way to do that is to setup a DNS server on your home LAN and create a zone for "proxy.company.com" with an A record referring to the name "@" and the IP address of your proxy machine.
If you refer to the proxy by IP address you're going to have to do some network address translation games. At this point, you're probably best off using a Linux-based machine as your router / gateway to the Internet. You can do a NAT rule in the iptables firewall to translate requests to an example company proxy server at 123.4.5.6, port 8080 to the local Squid cache, port 3128, like so:
iptables -t nat -A PREROUTING -d 123.4.5.6 --dport 8080 -j REDIRECT --to-ports 3128
This is going to be a learning experience for you if you're not familiar with how DNS, proxies, etc work.