• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 630
  • Last Modified:

Proxy IP to real IP conversion

I have a firewall Watchguard XTM-530 in the perimeter of Internet. The firewall will serve an entire building. The firewall has a content filter enabled, so the firewall must known who is the user sending a request to the Internet.

The clients computers have their own default gateway that connect to an MPLS, so the firewall can not be default gateway. I've installed a Squid proxy server but I can not see the real IP Addresses of the computers.

How can I solve it?
1 Solution
Can your default gateway do WCCP? Even a lowly Cisco 2600 is capable of doing WCCP. This would allow you to do transparent redirection which would send the real IP address to the firewall.
If you have placed your Squid Proxy (i fell that u might have) before the firewall for traffic going out to internet, you will not see actual users IP in firewall as all users connect to proxy and then proxy in-turn connects to internet to fetch the web page.

You can make use of a reporting tool/software for the Squid proxy to get you the user activity reports.



Else try one from the below link


Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now