Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 870
  • Last Modified:

Netscreen Firewall 5GT Route

Hi All. We have a small network of about 45 computers and server and at present they are all simply setup so that they all point to the Default Gateway of the Netscreen 5GT firewall if wanting to go outside of our LAN ie to the world wide web (untrust). We have recently just downloaded a trial edition of GFI Web Monitor and installed it onto one of our servers. We want to assign certain users from specific ip addresses to be forwarded from the firwall to the GFI web Monitor so that these specific Ip Addresses can have the content filtered.
A way of doing it would be to point all of our computers to the GFI as the Default gateway before that goes out of the Netscreen. We do not want to do it this way. As we want to control the policies and traffic and schedueing from the Netscreen before going anywhere.
 I assume all that need to be done is create a policy of some form that see traffic coming from these defined ip addresse, wanting to use port 80 or port 433 and therefore forward this traffic to the CFI Server's Ip Address rather than going straight out. I hope my details mentioned above make sense.  
 
0
GenieMaster
Asked:
GenieMaster
  • 2
  • 2
1 Solution
 
Sanga CollinsSystems AdminCommented:
Policy based routing will allow you to do this. You can take traffic that matches a specific condition ( in this case HTTP and specific ip range or subnet ) and route it to the ip address of the web filtering server
0
 
GenieMasterAuthor Commented:
Hi Sangamc. Somone else mentioned that Policy Based routing is the easiest way to do this. I do not have a clue on how to do this. Can you please provide me a step by step guide on how to do this, that would be much appreciated.
0
 
Sanga CollinsSystems AdminCommented:
It is way too much info to put into this post. Here is a link to a page describing how to set it up as well as how and why it works

http://books.google.com/books?id=oRLniDWYwrMC&pg=PA383&lpg=PA383&dq=netscreen+policy+based+routing&source=bl&ots=VVfnrBw2HQ&sig=-QH-Jr017G2ojVC-A_i4NGwggo8&hl=en&ei=RVubTMTJGIH-8AaKm_DrDw&sa=X&oi=book_result&ct=result&resnum=5&ved=0CCIQ6AEwBA#v=onepage&q=netscreen%20policy%20based%20routing&f=false


you should also download the screenOS chapter on routing from the Juniper website. there is a very descriptive example on setting up PBR.
0
 
GenieMasterAuthor Commented:
Thanks Sangamc. I am not familar at all with Netscreen as its all new to me. I have checked the link you provided and will try and see if there is a detailed step by step guide to set what I need. If any other experts are able to provide a detailed guide that would be much appreciated. Thanks
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now