Welcome, Guest. Please login or register.
Did you miss your activation email?
Thursday 22 October 2020, 02:34:36 am

Login with username, password and session length

Visit the Official Endian Reference Manual  HERE
14044 Posts in 4275 Topics by 6134 Members
Latest Member: lTato
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  2.4.1 - Proxy & Firewall Setup Advice
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: 2.4.1 - Proxy & Firewall Setup Advice  (Read 6333 times)
a18041967
Jr. Member
*
Offline Offline

Posts: 6


« on: Friday 24 December 2010, 08:19:13 am »

I壇 like to ask for some advice regarding how the Proxy & Firewall work as I知 struggling to get them to work correctly, and I値l try and explain what I知 doing . Before I start I値l try and explain how my system is setup.

I知 running Windows 2008 and this is running Exchange 2007, DNS, DHCP and the scopes default gateway points to the EFW Green interface. EFW has two interfaces, Red & Green with authentication back to Active Directory this appears to be working.
Client machines that have their proxy settings are authenticating and in the proxy logs the IP, Username & URL are being logged. most of the time! There are a number of entries that just have a - in the username field as if they are not being authenticated.

Clients that do not have proxy settings set (Internet Radio, WEB Cams), have their default gateway pointing to the Green interface and successfully connect to the internet, completely by passing the proxy. The only way I have found to stop access for these clients is to disable selected protocols on the outgoing firewall rules.

Is this the correct way to configure this, if so it would appear that all traffic that hits the proxy server bypasses the firewall rules which is not ideal?

In addition to clients that authenticate I have a number of other devices that do not support proxy settings so on the firewall I致e re enabled the outgoing protocols and added just the IP addresses of these devices to the source field. This also works.

To summarise the above is working but doesn稚 seem correct, in an ideal world I壇 like the following:

All clients to hit the proxy and then the firewall rules applied, for those devices that do not support proxy setting to add their IP address to the proxy bypass settings. Is this possible?

Sorry for such a long post but thank you for any help people can provide.


Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.031 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com