Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
530
Views
0
Helpful
4
Replies

Proxy for vrf transparent traffic

Abhisheka15
Level 1
Level 1

‎05-19-2023 10:00 AM

I need help for a Specific customer project. Currently we have MPLS with DC Singapore for the Intranet traffic & proxy >firewall for internet local Breakout.

now for a specific team 10 users we need to build separate network peering using VRF & local break out proxy >firewall.

we don’t want to spend money on proxy box so we proposed Squid proxy (if someone can recommend any easy solution for transparent proxy & its deployment? ). This proxy will be in global routing table & carry the internet traffic of vrf towards existing firewall. We cannot use existing proxy (as company standard).

Labels:
0 Helpful
4 Replies 4

amojarra
Cisco Employee
Cisco Employee

‎05-19-2023 11:42 PM

Hi @Abhisheka15 

in situations like this, I strongly advise umbrella. 

you can check this link for more information: Learn how to evaluate a cloud security provider - Cisco Umbrella

 

Regards,

Amirhossein Mojarrad

+++++++++++++++++++++++++++++++++++++++++++++++++++

++++   If you find this answer helpful, please rate it as such  ++++

+++++++++++++++++++++++++++++++++++++++++++++++++++

0 Helpful

Abhisheka15
Level 1
Level 1
In response to amojarra

‎05-20-2023 12:39 AM - edited ‎05-20-2023 12:39 AM

Umbrella does not suits our environment require investment. Squid seems free or minimum configuration solution.

0 Helpful

Flavio Miranda
VIP
VIP

‎05-20-2023 05:34 AM

Hi

 Another open source solution is Dansguardian. I used in the past but not sure how it is now a days.

"This proxy will be in global routing table & carry the internet traffic of vrf towards existing firewall. "

One point that calls my attention it this statement here. It would be interesting if you could draw a simple diagram on what you are planning to do so that people here can comment.  The way you put it, seems to me that the Proxy will take data from the VRF and transfer to the Global Routing Table ?  The firewall will have an interface on this brand new VRF you are putting this 10 users on ?

Are you using routing leak?  Does this 10 users will have communication with Singapure?

0 Helpful

M02@rt37
VIP
VIP

‎05-20-2023 06:44 AM

Hello @Abhisheka15,

I suggest HAProxy that excels at handling high volumes of traffic and distributing requests to backend servers.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful
Customers Also Viewed These Support Documents