Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 4 subscribers
  • Views 2740 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Allowed target service in proxy for ONE target

Twibow

Hello @ll,

I would like to authorize one target service for one LAN source, and one IP destination without create an exception in client browser proxy list.

I've tried different way, but I think it's not possible in proxy settings directly. I don't want to open an "exotic" port for all proxy user, and for all destination (in Web Protection > Filtering Options > Misc > Allowed target service)...

The only way I found is :

- Declare the port in Service Definition

- Declare the Destination IP in Network Definition

- Create a firewall rule for allowed LAN source to use this PORT to the specific network

But I need to add the destination URL in exception list in client browser.

Do you knwo a different way ?



This thread was automatically locked due to age.
Parents
  • 0

    Salut Thibaut and welcome to the UTM Community!

    The solution you describe is a good one.  Another approach would be the following:

    1. Add the Service definition to 'Allowed Target Services'.
    2. On the 'Websites' tab, assign to the target site/network a category and/or Reputation you block.
    3. Make a 'Content Filter' Exception for traffic from the allowed user/IP going to the target site/network.

    Because of this question, you might be interested in a document I maintain that I make available to members of the UTM Community, "Configure HTTP Proxy for a Network of Guests."  If you would like me to send you this document, PM me your email address.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0

    Salut Thibaut and welcome to the UTM Community!

    The solution you describe is a good one.  Another approach would be the following:

    1. Add the Service definition to 'Allowed Target Services'.
    2. On the 'Websites' tab, assign to the target site/network a category and/or Reputation you block.
    3. Make a 'Content Filter' Exception for traffic from the allowed user/IP going to the target site/network.

    Because of this question, you might be interested in a document I maintain that I make available to members of the UTM Community, "Configure HTTP Proxy for a Network of Guests."  If you would like me to send you this document, PM me your email address.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML