Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 835 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to block ip networks trough the http proxy

Zackenfels
Hi,
I have to block ip networks through the http Proxy.
For example:
All Clients in a Wireless Guest Network (separate zone) have to take the proxy for WEB access. The access to the internal networks is not allowed.
I defined a proxy profile in transparent mode. The access to the internet works fine but also the access to web Server in the internal network. First I blocked the access to the internal domain (^http?://([A-Za-z0-9.-]*\.)?internal_domain\.local/*) witch works fine.
For the access to the internal network I created the following Expression (^http?://10\.70\.8\.[0-9]{1,3}\./.*) but it doesn`t work.
What is my mistake?
Who can explain me the right syntax for ip networks or ip ranges?
Where should I add it, Domains or Regular Expressions?

I visit Regular Expressions for Defining URL Patterns in Sophos UTM but I really didn`t understand the whole syntax.


Thanks for help
yours Björn


This thread was automatically locked due to age.
  • 0
    There is one period where it shouldn't be... Do you find the error? [;)]

    ^https?://10\.70\.8\.[0-9]{1,3}/


    The .* at the end isn't necessary either.

    edit: A "?" in RegEx means: the previous sign is optional, so your Expressions matches "http[...]" and "htt[...]", while mine matches "http[...]" and "https[...]"...

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
  • 0
    Björn, several years ago, several of us here worked on a document named "Configure HTTP Proxy for a Network of Guests."  Last year, member Hallowach helped me add some things to it and he translated it into German, so you can ask for it in either or both languages.  Just click on my name beside the Cyrano avatar and send me an email.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Cookie Information Banner