EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Sunday 15 December 2024, 08:57:11 pm
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
Visit the official Endian Community Mailinglist
HERE
14261
Posts in
4377
Topics by
6517
Members
Latest Member:
Sandro
Search:
Advanced search
EFW Support
Support
EFW SMTP, HTTP, SIP, FTP Proxy Support
internal and external proxy/content filtering?
0 Members and 2 Guests are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: internal and external proxy/content filtering? (Read 14780 times)
lschafroth
Jr. Member
Offline
Posts: 7
internal and external proxy/content filtering?
«
on:
Thursday 29 September 2011, 12:26:42 pm »
We currently use a Sonicwall firewall (shudder!) and a M86 content filter with its horrible constantly crashing Mobile client.
I would like to replace them with the Endian firewall. I was wondering if it would be possible to use the proxy server on the LAN and WAN port of the endian firewall to simulate a mobile client for the 1 to 1 laptops. (students)
I could use a url to access the the proxy. This way the internal DNS server points them to the internal LAN IP for the proxy server and content filtering.
I could then have a public dns setting that points them to the WAN interface to get proxy access and content filtering.
I can force the proxy settings on the Mac computers and configure firefox to do the same since it does not follow the rules of the OS proxy settings,
The M86 client causes about 4 kernal panics a day on the Mac computers. We use the Mac Open Directory/LDAP. We could have the students and staff authenticate to get to the internet.
Any suggestions?
We have a full class C of public WAN ips we could use.
Lannie
Logged
mrkroket
Hero Member
Offline
Posts: 495
Re: internal and external proxy/content filtering?
«
Reply #1 on:
Friday 30 September 2011, 03:02:50 am »
By mobile clients you mean people that are outside your net, on internet, or just people that uses a Local WiFi?
If everything is local you can just use BLUE zone to do all the Wireless stuff, and leave WAN for what it is, Internet Access.
If people is outside you area and you want they always have your content filtering enabled, maybe you can create a Port forwarding rule and send the data to Endian proxy (port 8080). Then on clients enable proxy and use the EndianIP:8080 as proxy. This maybe works, I don't know. But you must know that everybody on internet can reach that port, so you must ensure that authentication credentials are secure enough to avoid any misuse.
On external (roaming users) I never tried to give content filtering that way. I always created VPN clients to get my external users inside my Net, it's more secure.
The problem with that is that content filtering will be enable only when VPN tunnel is on.
Logged
lschafroth
Jr. Member
Offline
Posts: 7
Re: internal and external proxy/content filtering?
«
Reply #2 on:
Tuesday 04 October 2011, 02:17:38 pm »
The reason I want this is for 1 to 1 laptops. The laptops will use the LAN content filtering when at the school. When the students take the computers home for the night, I want them to be filtered outside of the network as well. The computers will be managed and they will be unable to change any proxy settings.
I assume I could have a dns entry for the internal side using a local dns server. Have that point to the LAN ip, then a public dns entry so when they are outside they get the wan ip.
Lannie
Logged
lschafroth
Jr. Member
Offline
Posts: 7
Re: internal and external proxy/content filtering?
«
Reply #3 on:
Wednesday 12 October 2011, 12:10:57 am »
I'm seeing little to no replies in these forums so we have decided to move on to something else. We will need something with good backing.
Logged
mrkroket
Hero Member
Offline
Posts: 495
Re: internal and external proxy/content filtering?
«
Reply #4 on:
Saturday 15 October 2011, 04:34:36 am »
True, maybe you can test ClearOS or pFsense, I think they have better support.
By changing things (Squid and rules from Access Firewall) you can get a working proxy from outside, but not with the standard config on Endian.
The DNS is not a problem, on Edit Hosts you can mask a public hostname (i.e. proxy.domain.com that points to a public IP X.X.X.X) to a local IP, like 192.168.Y.Y, so both your internal and external users always have the correct IP for the proxy.
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.078 seconds with 17 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com