Solved

firebox firewall - PC Default Gateway - External Proxy Server

Posted on 2009-07-16
5
854 Views
Last Modified: 2013-11-16
I have a Watchguard Firebox x1000.  
Is the only way to set-up a PC to connect to the Internet via the Firebox, to set the Default Gateway on the PC to the IP address of the Trusted Port on the Firebox ??
Is it not possible to just set the Proxy Server in Internet Explorer to the IP address of the Firebox ?
If not, is it possible to use an External Proxy Server which then connect via the Firebox ?
If this is not possible with the Firebox, are there any other "Hardware" Firewalls (e.g Cisco, Sonic, etc) that can act as a Proxy Server (As required in IE) ?
0
Comment
Question by:hqpsystems
  • 2
  • 2
5 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 24868516
Hi,

You able to use the cisco ASA or Router as a proxy server, it is easy to manage!

http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_configuration_example09186a00800942fd.shtml
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 24870349
Firebox would not act as HTTP proxy as needed by you; also you cannot put the IP in IE.

You can use any third party proxy software (like squid) or hardware solution as the case be.

WG HTTP proxy means that WG does HTTP application layer inspection.

Thank you.
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 24872679
Hi,
Any another question?:)
0
 

Author Comment

by:hqpsystems
ID: 24903561
Would the Proxy  e.g Squid or MS ISA, have to be set-up as a transparent proxy ?

On the Firebox will authetication and Webblocker work OK.


0
 
LVL 32

Accepted Solution

by:
dpk_wal earned 500 total points
ID: 24906946
You can setup the proxy in any way you wish; as the proxy would be applied between the internal network and firebox.
The setup would be:
Internal network<--->Proxy<---->Trust[Firebox]External<--->Internet

Here if you configure proxy as transparent, the client are the ones who would have any effect.

In FB you would configure the HTTP proxy service as:
Enabled and allowed; from internal-IP-of-proxy; to ANY

All the proxy actions would be available for traffic inspection; including webblocker, AV and/or IPS.

Thank you.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many HijackThis tutorials on the web already, so this article is about tips that help utilize HijackThis' full potential as a diagnostic tool. Download HijackThis from a TrendMicro link or from known reliable sources only. http://free.…
By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Many functions in Excel can make decisions. The most simple of these is the IF function: it returns a value depending on whether a condition you describe is true or false. Once you get the hang of using the IF function, you will find it easier to us…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now