It automatically sets its own gateway for a WAN connection. It is the gateway associated with it's WAN subnet.

Hi Nick,

I work for a hospital and have around 4000 devices.
Cisco Layer3 switch is the core for all VLANs.

Currently use Cisco Firepower but I'd like to setup a proxy between users and the firewall, helps with caching of sites etc.

I've configured barracuda and other community/paid for proxies in the past but never used ClearOS (I assume is CentOS at the core).

40+ VLANs, multiple sites all routing to our core L3 switch...it's a very simple setup.

I was going to use wpad to route most Internet via this proxy.

If I can't set a gateway on a LAN interface to route traffic to our L3 gateway, but instead have to edit a config file to get this to work, then this isn't the product for us.

I'd like to thank you for your time.

Regards

Sorry but I am trying to work out your set up. Most people use ClearOS as a gateway device and that is the slant of a lot of the documentation, but I've had to work out your set up from your partial answers. Please feel free to suggest updates to the documentation.

As I said earlier, if ClearOS is in Standalone mode, you have to set the EXTRALANS parameter in /etc/clearos/network.conf for all the LAN's ClearOS does not know about (i.e everything but its WAN subnet). You can cheat a bit and add together LANs into a bigger subnet if you want. Do not use, configure or connect a LAN NIC, or if you do configure it, make sure it is on a completely different subnet from your other LAN subnets.

Nick Howitt wrote:

Is ClearOS your gateway? How is your LAN set up? Can you make a diagram, please?

Why would I set ClearOS as our gateway?? We have a L3 switch than has all VLANs, we have about 40 or so.

All I want is an active proxy server to filter content, I was hoping this solution would be a simple deployment but doesn’t appear to be.

Is there any chance of providing instructions in simple terms how to get the working?

The current instructions are not informative, confusing with lots of ‘fluff’ and direct details.
All I need is.
Click here and download these apps
Configure this, configure that.

Is ClearOS your gateway? How is your LAN set up? Can you make a diagram, please?

It was set to standalone - no firewall.
I changed it to Gateway mode, added another NIC as LAN with DHCP and nobody can contact the device on the LAN IP address.

If ClearOS is in Gateway mode, it can understand VLANs on its LAN. If it is in standalone mode, you'll need to add all your VLANs to the EXTRALANS parameter in /etc/clearos/network.conf (in CIDR format, space separated). I think this will automatically restart the proxy. Otherwise restart it manually.

Are you in Standalone or Gateway mode?

Replies not working??

Thanks for your quick reply.

What mode is the proxy running in non-transparent/non-authenticated)
Why are you using the External IP of the proxy? That's the only interface that can give me a gateway so multiple networks can access it.
LAN doesn't offer a gateway so can access it from another VLAN.

Is it in standalone mode? If you are in gateway mode you should be using the ClearOS LAN IP in the proxy settings.
How do other VLANs access it with no way of adding a gateway to the interface?

What mode is the proxy running in (transparent, non-transparent/authenticated or non-transparent/non-authenticated)? Why are you using the External IP of the proxy? Is it in standalone mode? If you are in gateway mode you should be using the ClearOS LAN IP in the proxy settings.

If you have a resonably fast internet connection check the docs and consider running the proxy cacheless. I hope to add a webconfig option for it soon.

In the bigger picture, ClearOS's recommended filtering solution is Gateway Management (https://gateway.managemant) which is more powerful, lighter on resources and faster.