Chris Bagnall wrote:
>>> How, if at all, would I go about configuring this? Essentially IPcop
>>> does not need to act as a firewall, it has to pass the IPsec traffic
>>> through to the m0n0 box. It only needs to act as a proxy. Should I
>>> just ditch the m0n0 in favor of IPcop? Hate to do it.
> As someone who moved from IPCop to m0n0wall a few years ago, I'd strongly advise against going
> Your best bet might be to use a bog-standard linux box in a separate subnet running squid. Set up
rules to push everything on port 80 from the three LANs through the squid box and you should achieve
the transparent caching you desire. It's been a good 4 or 5 years since I last worked with squid,
but I do remember it working fairly successfully.
Excellent suggestion that never even crossed my mind. Thanks! I will
give that a shot. Any ideas how I might direct HTTP traffic through that
box though? Outbound rules on a per internal interface basis?