SWGFL Transparent Proxy woes
I was very excited by the news that SWGfL our rbc are offering a transparent proxy module for free as part of their services - that would really move us forward with mobile devices and is just what we need. BUT I had notification from them that can only implement this if my internal and external domain names are different - which they currently aren't! I have all manner of services/certificates etc. running, including Exchange 2010, which could be badly affected by a domain name change and the thought fills me with dread.
I have read that many of you have setup transparent proxies with vlans and was wondering whether this was straightforward bearing in mind we only have cheap HP L2 switches (2510G)? I really don't know what I am doing and apologise for this but do I simply;
- tag a vlan on the ports which my Ruckus access points are connected to.
- setup a new wlan in the ruckus controller which is linked to the tagged vlan.
- change our squid box proxy to transparent and somehow capture only the requests on the tagged vlan.
The bits that then confuse me are what do I do about IPs for the vlan? do the connected mobile devices have a completely different IP to my IP range or do I use 2 dhcp servers so they use ranges from our existing range? How do I sort out the DNS issue as this is the reason for the swgfl insistence that I change domain names... and how do I get the squid box to talk to the upstream swgfl proxy without an L3 switch?
I have been scouring info on Google but its almost the simplest questions that I'm having trouble finding answers for.
Thanks in advance