Welcome, Guest. Please login or register.
Did you miss your activation email?
Tuesday 26 November 2024, 02:17:10 am

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  how to add multiple IP in HTTP proxy access policy
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: how to add multiple IP in HTTP proxy access policy  (Read 16359 times)
spmbalamurugan
Jr. Member
*
Offline Offline

Gender: Male
Posts: 8


« on: Thursday 29 September 2011, 11:07:34 pm »

Hi
i configured HTTP proxy. and its working fine.
My requirement is i neeed to set two different policy as i am described below.

1) 192.182.172.1-15 without proxy; but authentication method; full access permission
2) 192.182.172.16.-253 with proxy ; with authentication method ; with some content filtering
Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495


« Reply #1 on: Friday 30 September 2011, 02:46:14 am »

It's not clear too me how do you want your setup.

Authentication method implies that you are using non-transparent proxy, but at the same time you said you want without proxy.
You can't use transparent with authentication method.


What you can do:
-Set Proxy to transparent, filter out computers by IP/MAC with the permissions you want.
-Set Proxy to non-transparent, create a first rule to allow all to IP's192.182.172.1-15, then create an rule with content filtering that applies to ALL.

Rules are executed in order, the first that meet the req's is fired.

Logged
spmbalamurugan
Jr. Member
*
Offline Offline

Gender: Male
Posts: 8


« Reply #2 on: Friday 30 September 2011, 04:47:09 pm »

Here I am explained clearly

1. I enabled "Not transparent Mode" and added the IP 192.182.172.1-15 under bypass transparent proxy
2.need to add rest of IPs in "Not transparent mode" with authentication method.

My problem is to add the rest IPs one by one. It's not looklike fair and also i requested to my customer for make the multiple sunbnet .But they don't accept.

My query is how to add IP range like other filewall ex: in fortigate i can add 192.168.x.[x-x] ,in Sonicwall from IP range and to IP range. Like that any idea to add IP range under HTTP proxy access policy.

Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495


« Reply #3 on: Saturday 01 October 2011, 12:19:01 am »

As long as you managed the 1-15 range in the first rule, you can safely use 192.182.172.0/24 on the next rules.

I'm no sure if bypass transparent proxy applies on non-transparent.
The best way is creating two rules, as I said before.
Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495


« Reply #4 on: Saturday 01 October 2011, 12:22:45 am »

If not, you can use a IP range to CIDR calculator:
http://www.webboar.com/tools/ip2cidr/

192.182.172.16-253 translates to
192.182.172.16/28
192.182.172.32/27
192.182.172.64/26
192.182.172.128/26
192.182.172.192/27
192.182.172.224/28
192.182.172.240/29
192.182.172.248/30
192.182.172.252/31
Logged
spmbalamurugan
Jr. Member
*
Offline Offline

Gender: Male
Posts: 8


« Reply #5 on: Monday 03 October 2011, 05:50:31 pm »

Thk u very much.... let me try and revert back to u
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.078 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com