0

I have a proxy service, i want to configure it as a gateway. Means, I am running a VPN service and want to pass all my client's traffic through this proxy. But i don't want to configure this proxy on client end. Niether want to configure any CA certificate for SSL websites. Like this Client -> VPN -> Proxy -> Website

Is there anyway to achieve this?

Sohaib
  • 1
  • 1
  • Proxies and gateways are two different things and operate at different OSI layers. You cannot make a “proxy” be a “gateway.” What you can do is setup a “full tunnel” VPN connection and implement a “transparent proxy” on the remote (VPN server side) network. – Appleoddity Dec 20 '22 at 05:00
  • I tried squid proxy as a transparent proxy, but it requires to have CA certificates at client end. this actually cannot be done in my scenario, as my client wont accept this. is there any other proxy which does not require to have CA and still work as transparent proxy? Is there any other way i can just forward my client's 80 and 443 traffic to proxy ? – Sohaib Dec 20 '22 at 09:34
  • A transparent proxy does not require certificates. An SSL inspecting proxy does. If you do not desire to decrypt encrypted traffic then you would not have a certificate issue. This sounds like an [XY problem](https://xyproblem.info/). You’re not really telling us what you’re trying to do. You’re just assuming the way you’ve chosen will you get you there. – Appleoddity Dec 20 '22 at 14:37
  • I have VPN server running on centos7, with openvpn and strongswan. I have multiple clients which connect to that server. now what i want is to add proxy server with my VPN server so that all the 80 and 443 (http and https) traffic go through that proxy. all the other traffic may go from server's gateway. for I tried to configure squid as transparent proxy, but for https traffic it requires to have CA certificates on client side which i dont want to do. I hope this clear the my problem what i am actually looking for – Sohaib Dec 20 '22 at 16:50
  • Hi, I am able to achieve this using redsock proxy. https://github.com/darkk/redsocks – Sohaib Jan 10 '23 at 17:20

0 Answers0