Question : Proxy setup - remove default gateway from DHCP

Hi,

I am currently installing a proxy solution to manage. filter and control the usage of internet by the employees where I work.

The current setup was that employees who need internet go directly to the firewall/gateway and go to the internet, and those who are not allowed have dummy proxies entered in the IE setup and this setting was blocked via the registry base so they cannot remove it.

Then I finally convinced the management here to install a proxy solution (I am using CCPROXY which is an inexpensive software perfect for 50 or less employees) to mange access.
Now I can create security groups and give access.

Here is what I need to have :

sales people needs to have partial access so I make a security group
accounting needs full access so I make a diferent security group with no restriction
management needs to be seamless and unmonitored so I cannot make them go through the proxy but still through the firewall/gateway.

what do I do after installing the proxy settings on all computers ?? .. do I simply remove the DHCP DEFAULT GATEWAY and put the gateway as the proxy on the management computers ?

Answer : Proxy setup - remove default gateway from DHCP

The easiest thing to do is to create a tranperent firewall redirect for the services your proxy supports, for
example:

Client going to the internet tries to go direct, hits the gateway. Gateway has a firewall rule saying if the packet is
for say web then send it to the proxy instead of out to the net. The proxy will then handle the request and the client
will know nothing, this works even if the client is not set to use the proxy.

Obviously the firewall must pass any web traffic from
the proxy though or you will have an infinate loop. It looks as if CCPROXY supports most common protocols so you
will be making a lot of rules, and you will need a firewall that supports transperant redirects but it is fairly easy to do.