Netscreen Firewall 5GT Route
Posted on 2010-09-22
Hi All. We have a small network of about 45 computers and server and at present they are all simply setup so that they all point to the Default Gateway of the Netscreen 5GT firewall if wanting to go outside of our LAN ie to the world wide web (untrust). We have recently just downloaded a trial edition of GFI Web Monitor and installed it onto one of our servers. We want to assign certain users from specific ip addresses to be forwarded from the firwall to the GFI web Monitor so that these specific Ip Addresses can have the content filtered.
A way of doing it would be to point all of our computers to the GFI as the Default gateway before that goes out of the Netscreen. We do not want to do it this way. As we want to control the policies and traffic and schedueing from the Netscreen before going anywhere.
I assume all that need to be done is create a policy of some form that see traffic coming from these defined ip addresse, wanting to use port 80 or port 433 and therefore forward this traffic to the CFI Server's Ip Address rather than going straight out. I hope my details mentioned above make sense.