stop the direct browsing from router(D-2730)
18 views
Skip to first unread message
niraj vara
Jan 13, 2016, 10:46:54 AM1/13/16
to vglug
Hi
My one of friend having a Dlink router 2730 for internet and setup a proxy where he block and allow the sites.
When browser have the proxy all is working fine. but when anybody remove the proxy from browser and use the direct Internet. so they are able to access the everything.
Now he want that all the user request go via only the proxy.
Anybody have idea at router side what required to do so that direct request to router can be denied ????
Niraj M. Vara
Linux Administrator
Mavenvista Pvt. Ltd.
"DON'T TELL ME THE SKY IS THE LIMIT, THERE ARE FOOTPRINTS ON THE MOON"
Linux Administrator
Mavenvista Pvt. Ltd.
"DON'T TELL ME THE SKY IS THE LIMIT, THERE ARE FOOTPRINTS ON THE MOON"
Rahul Walunj
Jan 13, 2016, 12:52:36 PM1/13/16
to vg...@googlegroups.com
Transparent proxy might help you. End users gateway will act has proxy
--
Please read http://www.catb.org/~esr/faqs/smart-questions.html before posting.
You received this message because you are subscribed to the "Vibrant GNU/Linux User Group".
To stop receiving emails from this group, mail to VGLUG+un...@googlegroups.com
To post to this group, send email to VG...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/VGLUG
---
You received this message because you are subscribed to the Google Groups "VGLUG" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vglug+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
puli puli
Jan 14, 2016, 10:33:11 AM1/14/16
to vglug
If users are connecting from Windows client, let them restrict not to change proxy settings in browser through group policy or from registry.
Regards,
Bhautik karkar
Jan 18, 2016, 9:32:19 PM1/18/16
to vg...@googlegroups.com
In this case what you can do is set up the squid server as router itself so that all the traffic will be passed through it and it won't be possible to skip proxy server.
You can refer below link for more details on setup and detailed explanation.https://www.youtube.com/watch?v=zG51Pc8OP4M&list=PL8A83A276F0D85E70&index=33
Thanks & Regards,
Bhautik Karkar
9920343224
ElectroMech
Jan 18, 2016, 11:29:45 PM1/18/16
to vglug
Hi,
On Wed, Jan 13, 2016 at 5:18 PM, niraj vara <niraj...@gmail.com> wrote:
> Hi
>
> My one of friend having a Dlink router 2730 for internet and setup a proxy
> where he block and allow the sites.
>
> When browser have the proxy all is working fine. but when anybody remove the
> proxy from browser and use the direct Internet. so they are able to access
> the everything.
>
> Now he want that all the user request go via only the proxy.
>
> Anybody have idea at router side what required to do so that direct request
> to router can be denied ????
>
One can easily implement following. This require slight change to architecture
Add one more NIC in proxy.
internet ---------> router
------------>nic1[proxy]nic2------->switch=========>other computer
keep both network separate.
1. router -----------> nic1 example 10.0.0.1 and 10.0.0.2
2. nic2 ------------>switch your network may be 192.168.0.0/24
This will solve your problem, because nobody can directly connect to
router so access control will be done at proxy level.
Thanks and Regards.
>
>
>
>
> --
> Niraj M. Vara
> Linux Administrator
> Mavenvista Pvt. Ltd.
>
>
> "DON'T TELL ME THE SKY IS THE LIMIT, THERE ARE FOOTPRINTS ON THE MOON"
>
Nilesh Vaghela
(RHCSA RHCE)
ElectroMech Corporation
Redhat Channel Partner and Training Partner
Amazon aws consulting Partner
302, New York Plaza, Opp Judges Bunglow, Bodakdev, Ahmedabad
22, 1st Floor, Vardhaman Complex, Subhanpura , Baroda.
www.electromech.info
On Wed, Jan 13, 2016 at 5:18 PM, niraj vara <niraj...@gmail.com> wrote:
> Hi
>
> My one of friend having a Dlink router 2730 for internet and setup a proxy
> where he block and allow the sites.
>
> When browser have the proxy all is working fine. but when anybody remove the
> proxy from browser and use the direct Internet. so they are able to access
> the everything.
>
> Now he want that all the user request go via only the proxy.
>
> Anybody have idea at router side what required to do so that direct request
> to router can be denied ????
>
Add one more NIC in proxy.
internet ---------> router
------------>nic1[proxy]nic2------->switch=========>other computer
keep both network separate.
1. router -----------> nic1 example 10.0.0.1 and 10.0.0.2
2. nic2 ------------>switch your network may be 192.168.0.0/24
This will solve your problem, because nobody can directly connect to
router so access control will be done at proxy level.
Thanks and Regards.
>
>
>
>
> --
> Niraj M. Vara
> Linux Administrator
> Mavenvista Pvt. Ltd.
>
>
> "DON'T TELL ME THE SKY IS THE LIMIT, THERE ARE FOOTPRINTS ON THE MOON"
>
> --
> Please read http://www.catb.org/~esr/faqs/smart-questions.html before
> posting.
> You received this message because you are subscribed to the "Vibrant
> GNU/Linux User Group".
> To stop receiving emails from this group, mail to
> VGLUG+un...@googlegroups.com
> To post to this group, send email to VG...@googlegroups.com
> For more options, visit this group at http://groups.google.com/group/VGLUG
>
> ---
> You received this message because you are subscribed to the Google Groups
> "VGLUG" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to vglug+un...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
--
> Please read http://www.catb.org/~esr/faqs/smart-questions.html before
> posting.
> You received this message because you are subscribed to the "Vibrant
> GNU/Linux User Group".
> To stop receiving emails from this group, mail to
> VGLUG+un...@googlegroups.com
> To post to this group, send email to VG...@googlegroups.com
> For more options, visit this group at http://groups.google.com/group/VGLUG
>
> ---
> You received this message because you are subscribed to the Google Groups
> "VGLUG" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to vglug+un...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Nilesh Vaghela
(RHCSA RHCE)
ElectroMech Corporation
Redhat Channel Partner and Training Partner
Amazon aws consulting Partner
302, New York Plaza, Opp Judges Bunglow, Bodakdev, Ahmedabad
22, 1st Floor, Vardhaman Complex, Subhanpura , Baroda.
www.electromech.info
niraj vara
Feb 19, 2016, 10:54:14 AM2/19/16
to vglug
Hi
Yes I did the same.
Route ---> live IP + 192.168.2.1
Proxy server have two nic
nic1 --> 192.168.1.254
nic2 --> 192.168.2.2
I am able to ping the 192.168.2.1 from the network 192.168.1.0/24 but not able to ping the google.
I have added the forward rule and enable
echo 1 > /proc/sys/net/ipv4/ip_forward
But still not able to ping the google.
ElectroMech
Feb 22, 2016, 1:18:39 AM2/22/16
to vglug
Hi,
You can not ping through proxy.
Check browsing.
Thanks and Regards.
You can not ping through proxy.
Check browsing.
Thanks and Regards.
Reply all
Reply to author
Forward
0 new messages