GenieMaster
asked on
Netscreen Firewall 5GT Route
Hi All. We have a small network of about 45 computers and server and at present they are all simply setup so that they all point to the Default Gateway of the Netscreen 5GT firewall if wanting to go outside of our LAN ie to the world wide web (untrust). We have recently just downloaded a trial edition of GFI Web Monitor and installed it onto one of our servers. We want to assign certain users from specific ip addresses to be forwarded from the firwall to the GFI web Monitor so that these specific Ip Addresses can have the content filtered.
A way of doing it would be to point all of our computers to the GFI as the Default gateway before that goes out of the Netscreen. We do not want to do it this way. As we want to control the policies and traffic and schedueing from the Netscreen before going anywhere.
I assume all that need to be done is create a policy of some form that see traffic coming from these defined ip addresse, wanting to use port 80 or port 433 and therefore forward this traffic to the CFI Server's Ip Address rather than going straight out. I hope my details mentioned above make sense.
A way of doing it would be to point all of our computers to the GFI as the Default gateway before that goes out of the Netscreen. We do not want to do it this way. As we want to control the policies and traffic and schedueing from the Netscreen before going anywhere.
I assume all that need to be done is create a policy of some form that see traffic coming from these defined ip addresse, wanting to use port 80 or port 433 and therefore forward this traffic to the CFI Server's Ip Address rather than going straight out. I hope my details mentioned above make sense.
Sanga Collins
Policy based routing will allow you to do this. You can take traffic that matches a specific condition ( in this case HTTP and specific ip range or subnet ) and route it to the ip address of the web filtering server
ASKER
Hi Sangamc. Somone else mentioned that Policy Based routing is the easiest way to do this. I do not have a clue on how to do this. Can you please provide me a step by step guide on how to do this, that would be much appreciated.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Sangamc. I am not familar at all with Netscreen as its all new to me. I have checked the link you provided and will try and see if there is a detailed step by step guide to set what I need. If any other experts are able to provide a detailed guide that would be much appreciated. Thanks
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.