Draytek 2820 - forcing traffic through proxy

[Ish]

Hi

We hava a proxy server for web filtering which the kids are getting around by using browsers on memory stick etc!

How do I set up rules in our Draytek to force all internet traffic through the proxy and block internet traffic taking a different route?

Thanks

 

[ruskie]

Hi

I'm not familiar with the latest Draytek models so I'm not sure what the config would be. Are you using a separate server for the proxy between your Internet and your LAN or exclusively Draytek? To connect to the proxy, do you enter the proxy details in IE? (e.g. Tools->Internet Options->Internet Options->LAN Settings->Proxy Server)

If its all done on the Draytek, you could change the Default Gateway IP address handed out by the DHCP server to a zero or a dummy IP address. That way, you kids are forced to go through the proxy.

 

[oap]

If your kids are that savvy, you will have problems, just resetting most routers negates any settings you implement. Just give them a beating ?

 

[bremen1874]

Have a look at the getting started guide (section 8.5.5) for GFI WebMonitor.

 

[sidethink]

The correct way to do this would be to have two NICs in your proxy server. One pointed at your LAN (for the kids), one attached to the router.

That way, they have no choice, their default gateway becomes the proxy and they can't see the router directly.

 

[Liquidfox]

As sidethink has said, a dual LAN setup would work perfectly. It's how all SBS2003 servers should have been set up and makes internet filtering a doddle

 

[#Chri5#]

How granular can the firewall rules be on a 2820?

Could you do this?

Drop all (or just HTTP/HTTPs) traffic from the IP range allocated to the PCs used by the kids?
Allow traffic from other IPs (eg your PC, proxy etc)

I get the feeling the setup is good enough that the kids don't have physical access to the Draytek so shouldn't be able to reset it.