Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 2 subscribers
  • Views 431 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

About Proxy and Packet Filter

franciscofossa
We have limited time to answer to one of our clients, and I am new to this system.
He is behind a ASG220 with 7.4. WIth Proxy, and all the usual features on.
He needs to connect to certain https page with a different port as 443, say 8111
I see in the Live log the Action="pass" but he doesn't see anything.
What is probably going wrong?
We excempted the "Allowed Target Service" in HTTP/S of Web Security, from any port 1:65535 -> 8111
I have a doubt, do we need to open a packet filter rule from the internal network to the outside?
Thanks


This thread was automatically locked due to age.
Parents
  • 0
    In which mode is the HTTP Proxy running?  If in transparent, then the 'Allowed Target Services' don't apply, and you must open 8111 with a packet filter rule.

    An alternative that I haven't tried would be to create a SNAT: 'External (Address) -> HTTPS -> [certain IP] : SNAT from [port 8111]' leaving the 'Source' blank.  Of course, that wouldn't work if there were other pages at that site that you needed to access via port 443.

    Cheers - Bob
Reply
  • 0
    In which mode is the HTTP Proxy running?  If in transparent, then the 'Allowed Target Services' don't apply, and you must open 8111 with a packet filter rule.

    An alternative that I haven't tried would be to create a SNAT: 'External (Address) -> HTTPS -> [certain IP] : SNAT from [port 8111]' leaving the 'Source' blank.  Of course, that wouldn't work if there were other pages at that site that you needed to access via port 443.

    Cheers - Bob
Children
No Data