I happily run m0n0 boxes in a multiple site to site VPN. However, at one
site, the need now has arisen to implement a form of transparent proxy
for caching purposes, net filtering, and a few other features that m0n0
will not handle. The simple answer is to swap in a pfsense box, but this
is far from simple. It is a matter of caching windows updates, antivirus
updates, etc. IPcop was the best candidate.
Here is the issue, and I want to consult the forum before I dive into
it. I want to install the IPcop unit inline with the WAN before the
m0n0, and have it as a transparent proxy. Internally, there are three
separate LANs, so I would need three internally, or one external. That
choice was easy.
How, if at all, would I go about configuring this? Essentially IPcop
does not need to act as a firewall, it has to pass the IPsec traffic
through to the m0n0 box. It only needs to act as a proxy. Should I just
ditch the m0n0 in favor of IPcop? Hate to do it.
Hopefully someone has dealt with something similar.