Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 2 subscribers
  • Views 496 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HTTP proxy playing by its own rules.

ITMannen
Hiya all!

I have after a great deal of headscratching managed to get the Astaro to work for a "office hotel". By using VLAN:s i have 8 "internal" networks, one DMZ and a a shared internet connection.

The internal LAN:s do have access to the Internet but NOT to each other. This works fine and dandy, but when i activate the web proxy it is possible to connect via HTTP to all internal networks (printerboxes etc). I assume the traffic gets into the proxy BEFORE any ip-filtering takes place.

Is my only solution to NOT use the proxy? The internet line is rather crappy and the users feel that everytihing is MUCH faster with the proxy.  [:S]  


This thread was automatically locked due to age.
Parents
  • 0
    what you ahve to do is to setup packet filter rules that disallow the cross http traffic and put those rules in the 1-2-3-4-5..etc posistions so they are acted upon first. 

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

Reply
  • 0
    what you ahve to do is to setup packet filter rules that disallow the cross http traffic and put those rules in the 1-2-3-4-5..etc posistions so they are acted upon first. 

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

Children
No Data
Cookie Information Banner