Solved

firebox firewall - PC Default Gateway - External Proxy Server

Posted on 2009-07-16
5
827 Views
Last Modified: 2013-11-16
I have a Watchguard Firebox x1000.  
Is the only way to set-up a PC to connect to the Internet via the Firebox, to set the Default Gateway on the PC to the IP address of the Trusted Port on the Firebox ??
Is it not possible to just set the Proxy Server in Internet Explorer to the IP address of the Firebox ?
If not, is it possible to use an External Proxy Server which then connect via the Firebox ?
If this is not possible with the Firebox, are there any other "Hardware" Firewalls (e.g Cisco, Sonic, etc) that can act as a Proxy Server (As required in IE) ?
0
Comment
Question by:hqpsystems
  • 2
  • 2
5 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 24868516
Hi,

You able to use the cisco ASA or Router as a proxy server, it is easy to manage!

http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_configuration_example09186a00800942fd.shtml
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 24870349
Firebox would not act as HTTP proxy as needed by you; also you cannot put the IP in IE.

You can use any third party proxy software (like squid) or hardware solution as the case be.

WG HTTP proxy means that WG does HTTP application layer inspection.

Thank you.
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 24872679
Hi,
Any another question?:)
0
 

Author Comment

by:hqpsystems
ID: 24903561
Would the Proxy  e.g Squid or MS ISA, have to be set-up as a transparent proxy ?

On the Firebox will authetication and Webblocker work OK.


0
 
LVL 32

Accepted Solution

by:
dpk_wal earned 500 total points
ID: 24906946
You can setup the proxy in any way you wish; as the proxy would be applied between the internal network and firebox.
The setup would be:
Internal network<--->Proxy<---->Trust[Firebox]External<--->Internet

Here if you configure proxy as transparent, the client are the ones who would have any effect.

In FB you would configure the HTTP proxy service as:
Enabled and allowed; from internal-IP-of-proxy; to ANY

All the proxy actions would be available for traffic inspection; including webblocker, AV and/or IPS.

Thank you.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

So you got the Conficker. You could go to each machine and run the eye chart test (http://www.confickerworkinggroup.org/infection_test/cfeyechart.html), but in a bigger environment, or if you prefer to work smarter and not harder, you need some …
PREFACE The purpose of this guide is to explain what the SEPC Status Utility is and how it works. I have written the utility using AutoIt and have included the source code for your review. You are welcome to modify the code to your liking, but I wi…
This video discusses moving either the default database or any database to a new volume.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now