
Routing Squid Traffic through OpenVPN

For a number of reasons I want to route the Squid traffic on my home firewall to an external server through a VPN. This is my current network diagram at home. The firewall at home (a Soekris 5501) builds a VPN to an external server (let's say with IP 1.2.3.4).

The goal of the setup is to install a Squid proxy server on the internal interface of the firewall and route its traffic to the internet via the VPN tunnel to the external server. After installing Squid 3 on Debian squeeze, we'll configure it to listen only on the internal interface, on port 8080, with the http_port 172.16.11.254:8080 directive.

Here is the script that I added to the --up and --down directives in OpenVPN.

The traffic coming from tun0 on the server also needs to be SNATed to the server's public IP.
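
One way to build the up/down hook and the server-side SNAT rule described above, as an added example that is not the author's script. It assumes Squid runs as Debian's proxy user, routing table 100, fwmark 0x1, and (in the server call) a tunnel subnet and WAN interface name that do not appear in the post.

```shell
#!/bin/sh
# Added example, not the author's script. Assumptions: routing table 100,
# fwmark 0x1, Squid running as Debian's "proxy" user.
TABLE=100
MARK=0x1
PROXY_USER=proxy

# Firewall side: print the commands for the OpenVPN up/down hook.
# $1 = up|down, $2 = tunnel device, $3 = local tunnel address
client_cmds() {
    case "$1" in
        up)   r=add; i=-A ;;
        down) r=del; i=-D ;;
        *)    echo "usage: client_cmds up|down dev local_ip" >&2; return 1 ;;
    esac
    # Mark only packets generated by the Squid user and send marked packets
    # to a dedicated table whose default route is the tunnel.
    echo "iptables -t mangle $i OUTPUT -m owner --uid-owner $PROXY_USER -j MARK --set-mark $MARK"
    echo "ip rule $r fwmark $MARK table $TABLE"
    # On down the kernel removes this route together with the device.
    [ "$1" = up ] && echo "ip route add default dev $2 table $TABLE"
    # The source address was picked before re-routing, so rewrite it.
    echo "iptables -t nat $i POSTROUTING -o $2 -m mark --mark $MARK -j SNAT --to-source $3"
    # Replies arrive on the tunnel although the main table points elsewhere,
    # so strict reverse-path filtering would drop them.
    [ "$1" = up ] && echo "sysctl -w net.ipv4.conf.$2.rp_filter=2"
    return 0
}

# Server side: forward and SNAT what arrives from the tunnel.
# $1 = tunnel subnet, $2 = WAN interface, $3 = public address
server_cmds() {
    echo "sysctl -w net.ipv4.ip_forward=1"
    echo "iptables -t nat -A POSTROUTING -s $1 -o $2 -j SNAT --to-source $3"
}

# When OpenVPN runs this file as a hook it exports script_type, dev and
# ifconfig_local; otherwise nothing below executes.
if [ -n "${script_type:-}" ]; then
    client_cmds "$script_type" "$dev" "$ifconfig_local" | while read -r cmd; do
        $cmd || logger -t squid-vpn "failed: $cmd"
    done
fi
```

OpenVPN only runs user hooks when script-security is set to 2 or higher. While the tunnel is down these rules are removed and Squid traffic leaves through the normal default route, so keep the rule and an unreachable default route in the table permanently if that fallback is unwanted.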