Solved

firebox firewall - PC Default Gateway - External Proxy Server

Posted on 2009-07-16
5
914 Views
Last Modified: 2013-11-16
I have a Watchguard Firebox x1000.  
Is the only way to set-up a PC to connect to the Internet via the Firebox, to set the Default Gateway on the PC to the IP address of the Trusted Port on the Firebox ??
Is it not possible to just set the Proxy Server in Internet Explorer to the IP address of the Firebox ?
If not, is it possible to use an External Proxy Server which then connect via the Firebox ?
If this is not possible with the Firebox, are there any other "Hardware" Firewalls (e.g Cisco, Sonic, etc) that can act as a Proxy Server (As required in IE) ?
0
Comment
Question by:hqpsystems
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 24868516
Hi,

You able to use the cisco ASA or Router as a proxy server, it is easy to manage!

http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_configuration_example09186a00800942fd.shtml
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 24870349
Firebox would not act as HTTP proxy as needed by you; also you cannot put the IP in IE.

You can use any third party proxy software (like squid) or hardware solution as the case be.

WG HTTP proxy means that WG does HTTP application layer inspection.

Thank you.
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 24872679
Hi,
Any another question?:)
0
 

Author Comment

by:hqpsystems
ID: 24903561
Would the Proxy  e.g Squid or MS ISA, have to be set-up as a transparent proxy ?

On the Firebox will authetication and Webblocker work OK.


0
 
LVL 32

Accepted Solution

by:
dpk_wal earned 500 total points
ID: 24906946
You can setup the proxy in any way you wish; as the proxy would be applied between the internal network and firebox.
The setup would be:
Internal network<--->Proxy<---->Trust[Firebox]External<--->Internet

Here if you configure proxy as transparent, the client are the ones who would have any effect.

In FB you would configure the HTTP proxy service as:
Enabled and allowed; from internal-IP-of-proxy; to ANY

All the proxy actions would be available for traffic inspection; including webblocker, AV and/or IPS.

Thank you.
0

Featured Post

RoboForm Secure Password Management System

RoboForm Everywhere - Superb Browser Support
Windows / Apple / IOS / Android / Linux / Chrome OS
Use different complex passwords everywhere
Best Secure Password Management by far
Synchronize all of your devices instantly
Safe, Secure & Highly Recommended!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Norton antivirus 11 102
Computer has been hijacked? 13 118
What is Ransomware? 16 109
two workstations infected with armsvc.exe 7 41
PREFACE The purpose of this guide is to provide information to successfully add specific IIS 7.0 role services for the Symantec Endpoint Protection Manager (SEPM) to function properly when installed on Windows 2008. AUDIENCE Information Technol…
PREFACE The purpose of this guide is to provide information to successfully install the MS SQL client tools for the Symantec Endpoint Protection Manager (SEPM) to function properly when installed on Windows 2008. AUDIENCE Information Technology…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question