Solved

firebox firewall - PC Default Gateway - External Proxy Server

Posted on 2009-07-16
5
878 Views
Last Modified: 2013-11-16
I have a Watchguard Firebox x1000.  
Is the only way to set-up a PC to connect to the Internet via the Firebox, to set the Default Gateway on the PC to the IP address of the Trusted Port on the Firebox ??
Is it not possible to just set the Proxy Server in Internet Explorer to the IP address of the Firebox ?
If not, is it possible to use an External Proxy Server which then connect via the Firebox ?
If this is not possible with the Firebox, are there any other "Hardware" Firewalls (e.g Cisco, Sonic, etc) that can act as a Proxy Server (As required in IE) ?
0
Comment
Question by:hqpsystems
  • 2
  • 2
5 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 24868516
Hi,

You able to use the cisco ASA or Router as a proxy server, it is easy to manage!

http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_configuration_example09186a00800942fd.shtml
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 24870349
Firebox would not act as HTTP proxy as needed by you; also you cannot put the IP in IE.

You can use any third party proxy software (like squid) or hardware solution as the case be.

WG HTTP proxy means that WG does HTTP application layer inspection.

Thank you.
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 24872679
Hi,
Any another question?:)
0
 

Author Comment

by:hqpsystems
ID: 24903561
Would the Proxy  e.g Squid or MS ISA, have to be set-up as a transparent proxy ?

On the Firebox will authetication and Webblocker work OK.


0
 
LVL 32

Accepted Solution

by:
dpk_wal earned 500 total points
ID: 24906946
You can setup the proxy in any way you wish; as the proxy would be applied between the internal network and firebox.
The setup would be:
Internal network<--->Proxy<---->Trust[Firebox]External<--->Internet

Here if you configure proxy as transparent, the client are the ones who would have any effect.

In FB you would configure the HTTP proxy service as:
Enabled and allowed; from internal-IP-of-proxy; to ANY

All the proxy actions would be available for traffic inspection; including webblocker, AV and/or IPS.

Thank you.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

As more computers now shipped with 64-bit version of Windows, more users are now using this Operating System.  So it's important to be aware how some 32-bit diagnostic tool works on these systems, so we know what to expect when analyzing the logs an…
PREFACE The purpose of this guide is to explain how to manually move a SEP client to a different client group by performing steps on the client-side. These steps may prove particularly useful because they allow the client to move after it has alrea…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question