[Webinar] Streamline your web hosting managementRegister Today


Netscreen Firewall 5GT Route

Posted on 2010-09-22
Medium Priority
Last Modified: 2012-05-10
Hi All. We have a small network of about 45 computers and server and at present they are all simply setup so that they all point to the Default Gateway of the Netscreen 5GT firewall if wanting to go outside of our LAN ie to the world wide web (untrust). We have recently just downloaded a trial edition of GFI Web Monitor and installed it onto one of our servers. We want to assign certain users from specific ip addresses to be forwarded from the firwall to the GFI web Monitor so that these specific Ip Addresses can have the content filtered.
A way of doing it would be to point all of our computers to the GFI as the Default gateway before that goes out of the Netscreen. We do not want to do it this way. As we want to control the policies and traffic and schedueing from the Netscreen before going anywhere.
 I assume all that need to be done is create a policy of some form that see traffic coming from these defined ip addresse, wanting to use port 80 or port 433 and therefore forward this traffic to the CFI Server's Ip Address rather than going straight out. I hope my details mentioned above make sense.  
Question by:GenieMaster
  • 2
  • 2
LVL 18

Expert Comment

by:Sanga Collins
ID: 33739752
Policy based routing will allow you to do this. You can take traffic that matches a specific condition ( in this case HTTP and specific ip range or subnet ) and route it to the ip address of the web filtering server

Author Comment

ID: 33744087
Hi Sangamc. Somone else mentioned that Policy Based routing is the easiest way to do this. I do not have a clue on how to do this. Can you please provide me a step by step guide on how to do this, that would be much appreciated.
LVL 18

Accepted Solution

Sanga Collins earned 1000 total points
ID: 33744293
It is way too much info to put into this post. Here is a link to a page describing how to set it up as well as how and why it works


you should also download the screenOS chapter on routing from the Juniper website. there is a very descriptive example on setting up PBR.

Author Comment

ID: 33747454
Thanks Sangamc. I am not familar at all with Netscreen as its all new to me. I have checked the link you provided and will try and see if there is a detailed step by step guide to set what I need. If any other experts are able to provide a detailed guide that would be much appreciated. Thanks
LVL 72

Expert Comment

ID: 34399070
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.

Featured Post

Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

590 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question