As I wrote, you just don't understand how all this stuff works
Let me try to explain to you:
- if you use transparent proxy, then HTTPS goes directly to default gateway (here Zentyal) and bypasses HTTP prxy. This does mean that proxy access control can
NOT be used in case you implement transparent proxy. If controlling access to HTTPS is a must, then using explicit proxy is
mandatory and control is done at proxy level.
- if for some reason you don't want or can't use explicit proxy, you can only implement some workaround at firewall and/or DNS level but this will never block everything like proxy could do. Blocking access using IP at proxy level is not relevant here as you don't use proxy for HTTPS
- There is nothing magic: you can't have benefit of both "transparent" and "explicit" proxy and you have to decide which one is best for you. But once decision is made, do not complain that you don't have benefit of the other design
- Last but not least: one specific design could help you (although such approach requires to have very clear understanding of how this works): stack Zentyal with another "external" proxy implementing "man-in-the-middle" so that you can catch HTTPS transparently and aplly filtering rules.
BTW why do you write that you didn't get any answer? I can see multiple members having tried to explain to you how this works. Do you mean "no one provided me with the magic configuration I'm looking for" ? Sure, this doesn't exists, that's it...