Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 1881 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

http proxy / how to block connect command

starfish4711
Hi,

ASG v6 offered a switch to block the usage of the http "connect" command, to avoid tunneling of data. 

Where can I find this option in ASG 7?!

I know that docs said that blocking the connect command would disallow https traffic through the proxy, but I had this switch enabled (also on formerly used Novell Bordermanager) and https has never been a problem.


This thread was automatically locked due to age.
  • 0
    This version has a completely different proxy that the one used in earlier versions, and that option isn't there.  Have you tried using the URL Filtering to block "Anonymizers?"

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    No, and I guess you are referring to a feature that is not available under classic Net Security subscription.

    Any chance that the connect command can be disabled by modifying the proxy's conf file?

    Regards, Frank
  • 0
    Well, in the current version, the HTTP/S Proxy is not enabled unless you have a Web Security subscription, and URL Filtering is included in that subscription.  Which version of Astaro are you using?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    I know and I strongly dislike the new license model for this reason. I only want to use the proxy, without the additional stuff which adds a more than significant amount to costs. Therefor I stay with the classic licensing model.

    We are using 7.505 on a ASG 220.

    Regards, Frank