Using the following syntax, everything works fine (but I don't think the Transparent Cache/Proxy is functioning as expected)


[Firewall Config]
net = ether1 # (192.168.51.176/24)
client1 = wlan1 # (192.168.1.1/24)
client2 = wpci1 # (192.168.2.1/24)
client3 = ether2 # (192.168.3.1/24)

forward tcp to 192.168.51.176 8080 from 192.168.1.0/24 to any 80 out via $client1
forward tcp to 192.168.51.176 8080 from 192.168.2.0/24 to any 80 out via $client2
forward tcp to 192.168.51.176 8080 from 192.168.3.0/24 to any 80 out via $client3


When I change my rules to come out via $net (ether1). The Transparent Cache/Proxy definitely works.
HOWEVER, it bypasses the Hotspot Login. Meaning anyone can now surf WWW using http without logging in.


[Firewall Config]
net = ether1 # (192.168.51.176/24)
client1 = wlan1 # (192.168.1.1/24)
client2 = wpci1 # (192.168.2.1/24)
client3 = ether2 # (192.168.3.1/24)

forward tcp to 192.168.51.176 8080 from 192.168.1.0/24 to any 80 out via $net
forward tcp to 192.168.51.176 8080 from 192.168.2.0/24 to any 80 out via $net
forward tcp to 192.168.51.176 8080 from 192.168.3.0/24 to any 80 out via $net

Lonnie/Tony any ideas?

Thanks!

You are redirecting the port 80 to your proxy machine, away from the Hotspot login. You cannot do proxy with hotspot on the same server.

For a future project we will look at getting the traffic hooks before the firewall, but for now we have no time to look at this.

You are redirecting the port 80 to your proxy machine, away from the Hotspot login. You cannot do proxy with hotspot on the same server.

For a future project we will look at getting the traffic hooks before the firewall, but for now we have no time to look at this.

Oh, okay. It would've been nifty to have both hotspot and proxy functionality.
Guess will just have to wait until you have time to get the traffic hooks done.

Thanks again!