Solved

Network fundamentals

Posted on 2014-01-16
4
404 Views
Last Modified: 2014-01-31
I have inherited a network that has a proxy appliance. One side of the proxy appliance is plugged into the LAN and the other into the Firewall. Some of the client machines on the network are configured with proxy details in their browser and everything works as normal.

Some of the users do not have proxy details but they can still get out on the web. They are using a default gateway of the router that is attached to the proxy appliance. Regardless of what way the proxy appliance is setup I am confused as to how the users can even find the firewall!  even if the proxy appliance is incorrectly configured and wide open I would have thought no one should be able to contact the firewall as it is not directly plugged into the LAN.

Any ideas how I can see how this is occuring. I have checked arp tables wireshark etc.
0
Comment
Question by:Sid_F
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 26

Assisted Solution

by:pony10us
pony10us earned 150 total points
ID: 39785845
If the firewall is physically isolated (only connection is to the proxy appliance) then it is not possible to bypass the proxy.  Even though the information is not supplied in the browser settings.

If you have the proxy blocking/filtering a specific website then try to get to that site both with the proxy settings in place and not. You should be blocked both ways.
0
 
LVL 8

Accepted Solution

by:
Surrano earned 200 total points
ID: 39786678
sounds like the proxy acts as an ordinary gateway between LAN and the firewall. Try to traceroute (*nix) or tracert (windows) the firewall's IP and check the routing tables as well on a machine that "bypasses" the proxy and see how it is routed.
If it is routed through the proxy then the proxy acts as a gateway (it shouldn't).
If it is routed through different nodes then you'll see where to look for the gateway.
If the gateway is accessed directly (i.e. listed as first and only hop in traceroute) then it is on the same LAN as the clients and whatever switches/routers are in place should segregate them.
0
 
LVL 8

Assisted Solution

by:amatson78
amatson78 earned 150 total points
ID: 39794432
I would recommend running Packet Captures on the firewall and proxy appliance to see if and how traffic is flowing through the proxy. What type of proxy appliance is this? Are there any other cable terminations from the firewall to the LAN? The proxy may just be routing traffic, what is the route table of the proxy?

Cheers,
Alan
0
 
LVL 6

Author Closing Comment

by:Sid_F
ID: 39823834
Thanks
0

Featured Post

Webinar June 1st - Attacking Ransomware  

The global cyberattack that corrupted hundreds of thousands of computer systems on May 12th had a face, name, & price tag that we’ve seen all too often in recent years: Ransomware. With the stakes – and costs – of a ransomware attack higher than ever, is your business prepared ?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange 2016 4 65
how to add AVG to a network workstation using AVG Admin Console? 2 35
external website is 16 41
3Com 4500G doesn't keep IP configuration 4 16
Resolve DNS query failed errors for Exchange
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question