Route HTTPS Traffic to upstream proxy
Wondering if someone can help me see if what I'm thinking is right and what the way arround it is.
I've been asked to make available guest wi-fi access in the sports hall, which I've agreed to providing I can ensure that the security of the rest of the network stands. So I decided, VLAN, dedicated box with DHCP, DNS, firewall and proxying traffic would be a good way to try and make it as simple as possible for guests coming in to access it. Now I've hit a problem.
I can get Squid to obviously transparently route the http traffic and realise I can't do the same with https without doing a MITM, but the traffic somehow needs to get from my routing/proxy box upto the ISP's proxy.
Am I trying to do something really stupid/impossible in trying to send the HTTPS traffic straight up to the ISP's proxy, or should I be able to do it but missing the obvious?
If not, what's the best way to proxy the internet traffic to ensure it's simple, secure but supports other devices (I'm thinking Android type devices with no proxy support)