|
Title: 2.4.1 - Proxy & Firewall Setup Advice Post by: a18041967 on Friday 24 December 2010, 08:19:13 am I’d like to ask for some advice regarding how the Proxy & Firewall work as I’m struggling to get them to work correctly, and I’ll try and explain what I’m doing . Before I start I’ll try and explain how my system is setup.
I’m running Windows 2008 and this is running Exchange 2007, DNS, DHCP and the scopes default gateway points to the EFW Green interface. EFW has two interfaces, Red & Green with authentication back to Active Directory this appears to be working. Client machines that have their proxy settings are authenticating and in the proxy logs the IP, Username & URL are being logged…. most of the time! There are a number of entries that just have a ‘-‘ in the username field as if they are not being authenticated. Clients that do not have proxy settings set (Internet Radio, WEB Cams), have their default gateway pointing to the Green interface and successfully connect to the internet, completely by passing the proxy. The only way I have found to stop access for these clients is to disable selected protocols on the outgoing firewall rules. Is this the correct way to configure this, if so it would appear that all traffic that hits the proxy server bypasses the firewall rules which is not ideal? In addition to clients that authenticate I have a number of other devices that do not support proxy settings so on the firewall I’ve re enabled the outgoing protocols and added just the IP addresses of these devices to the source field. This also works. To summarise the above is working but doesn’t seem correct, in an ideal world I’d like the following: All clients to hit the proxy and then the firewall rules applied, for those devices that do not support proxy setting to add their IP address to the proxy bypass settings. Is this possible? Sorry for such a long post but thank you for any help people can provide. |