Hi there
I am using squid 2.6.STABLE5 that comes in debian etch
We just installed a VPN and noticed a slow speed, so we just added a second ADSL connection straight to the LAN's switch and added it to the clients' gateway configuration.
I want to redirect the VPN server's HTTP traffic to that new router and keep the first ADSL connection just for the VPN.
squid is running on the VPN server currently, and I have this to redirect 80 to 3128 for transparent squid:
iptables -t nat -A PREROUTING -i eth1 -s 192.168.2.0/24 -p tcp --dport 80 -j REDIRECT --to-port 3128
It works, but the problem is that squid itself is going into the VPN and through the first ADSL connection for the internet, and not to the second ADSL connection.
Looking at squid.conf I tried
dns_nameservers 192.168.2.254 # ip for the second adsl router
but squid is just getting DNS from there, and all HTTP traffic is still going in from the first router, sharing traffic with the VPN.
Then I tried to run this from the VPN server
iptables -t nat -A POSTROUTING -o eth0 -p tcp --dport 80 -d 192.168.1.254
but I don't see it working as expected.
I guess another option is to add a third NIC to the VPN server and route :80 from squid to it?
Or maybe using another Linux server to run squid on it; I still need an iptables rule to send traffic from the VPN server to the new one.
If you can help me with any of the options mentioned, or another you believe is better, I will greatly appreciate it.
Thanks
BTW this is a small diagram of the current setup, just don't rant too much about security lol
[LAN] --- [SWITCH] --- [OPENVPN & SQUID] --- [ADSL 1] --- [INTERNET]
             |
          [ADSL 2]
             |
         [INTERNET]
Received on Mon Oct 01 2007 - 16:50:30 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:00 MDT