Hi
I have a large network spanning across our town, each building having our own subnet.
I would like to capture all our internet traffic and redirect it to our new proxy server. Users will then have to authenticate and will have certain access rules applied to the traffic and content.
But there are a few snags...
Our ClearOS proxy server only accepts traffic from its subnet (192.168.20.0/24) and not from the network (192.168.0.0/16). This means that traffic to the proxy would have to be masqueraded so that it appears to come from the router's 192.168.20.xxx address. I don't want to masquerade all traffic because then some of my other servers don't report things properly (like SNMP).
As if that wasn't enough to stump me, there is another problem. Certain programs, like our Tax and Vehicle monitoring programs, simply don't work through an authenticated proxy so I would need to set the router NOT to redirect traffic to the proxy for those domains. I would also like certain equipment to be able to access the internet directly so that they can update their software and the like without any hindrance, perhaps by allowing an exception based on MAC addresses.
I have done some Googling but haven't really found a workable solution.
Anyone up for the challenge?
The router is a MikroTik 750.
Thanks in advance.