|
Title: non-transparent proxy Post by: towly on Friday 05 October 2012, 04:07:34 pm I have setup EFW as a non transparent proxy. But my client pc still gives access to the internet.
I want to, when a client connects that the configuration be done manually. I've read that IE, firefox etc uses .pac and .wpad config to auto discover. Is there a way to disable it completely on EFW's side so that manual connectivity is only possible. As well as my Http antivirus (havp) is starting up. Please I need help Thanks in advance Title: Re: non-transparent proxy Post by: dda on Friday 05 October 2012, 11:44:02 pm You have to disable ports 80 and 443 in the firewall/ outgoing traffic area.
Title: Re: non-transparent proxy Post by: towly on Wednesday 10 October 2012, 06:47:27 am Hi DDA
Yes I have disabled port 80 and 443 on the firewall's outgoing traffic. It still passing through. Any hints that I can do. Thanks in advance Title: Re: non-transparent proxy Post by: dda on Wednesday 10 October 2012, 08:04:28 am What are you using for authentication and have your verified it is working?
Title: Re: non-transparent proxy Post by: towly on Wednesday 10 October 2012, 06:15:21 pm Hi DDA
I figured it out. I don't use authetication. I use the manual connection in internet options -> connections -> proxy settings. I removed the DNS in DHCP services. So that the DNS proxy takes over. Thank you for your assistance Title: Re: non-transparent proxy Post by: towly on Thursday 11 October 2012, 03:37:21 am I've verified that the proxy is working.
Firefox and Chrome it works 100% Though IE still passes through If I delete the following: proxy.pac and wpad.dat Will it function correctly Can't ping websites eg. google ICMP is enabled in firewall Any Ideas everyone? Thanks in advance Title: Re: non-transparent proxy Post by: dda on Friday 12 October 2012, 02:02:00 am Where are you deleting it from?(proxy.pac). Did you allow ICMP out from green to red? Mine works great but I use authentication.
Title: Re: non-transparent proxy Post by: towly on Friday 12 October 2012, 06:50:56 am Hi DDA
I deleted proxy.pac and wpad.dat from the console /home/httpd/html/proxy.pac and wpad.dat I've tested the manual proxy from client, works like a charm ICMP is enabled (green to red) in firewall. What about the allowed port(s) in the proxy I've tried adding ICMP in there. But no avail. Thank for the help DDA Title: Re: non-transparent proxy Post by: dda on Friday 12 October 2012, 09:31:12 am I dont think there was much point in deleting the proxy.pac file to be honest. I found these files to be helpful especially with users who use laptops...but nevertheless. The only thing I can imagine as i remember ICMP being enabled by default in the outgoing firewall is that it requires authentication somehow. I will see if I can find anything in my config.
Title: Re: non-transparent proxy Post by: towly on Friday 12 October 2012, 02:47:34 pm Hi DDA
That will be very helpful of you. Otherwise I'll just reinstall efw and reconfigure from scratch. And go with the authentication route. But yes ICMP is enabled in the firewall by default. Thank very much Title: Re: non-transparent proxy Post by: dda on Saturday 13 October 2012, 03:41:44 am Hi Towly are you using EFW on a LAN or just in a home type envoirment?
Title: Re: non-transparent proxy Post by: towly on Saturday 13 October 2012, 04:17:24 am Hi DDA
I'm using efw on a lan in a home enviroment yes. The reason why I wanted the proxy is that. Only the pc's in my flat gets internet access. The others that connect on the wifi can only access my files and not abuse my internet connection. Wifi is also password protected. But the place where I live is a plot with 3 houses. So they all connect to my network via wifi. Title: Re: non-transparent proxy Post by: towly on Wednesday 17 October 2012, 05:20:02 pm Hi DDA
I found out something interesting in regarding pinging a website eg google. If i ping the domains' ip it pings, but not the domains' name. Any idea why Thanks in advance |