Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 0 subscribers
  • Views 11951 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WS500 explicit to transparent

NikHall

Hi folks,

I am pondering going to transparent mode for my deployment despite the fact that explicit works so well.  The problem I have is guest internet use on site and an ever increasing population of iPhones/iPads/Android devices etc.  With the non PC devices its getting harder and harder to manager auto configuration of internet access.

We are only an SME and the router/firewall we have (draytek 2820) doesnt support forwarding port 80 traffic internally.

Does anyone have any thoughts on deployment; although I feel transparent is most appealing at the moment.

Plus some reccomendations on a suitable router/firewall for transparent mode would be brilliant.

Hope you can all offer some assitance.

Thanks,

 Nik

:24787


This thread was automatically locked due to age.
Parents
  • 0

    I can't really help with specific Router recommendations, but the router needs to be capable of policy routing.  You could consider our own Astaro Security Gateway (a Sophos company).  The screenshots here shows how you can easily set up a policy routing rule:

    http://www.sophos.com/en-us/support/knowledgebase/114061.aspx

    Depending on what your goals are you could have 1xTransparent Appliance and 1xExplicit (The explicit appliance should be exempt from the policy routing rule).  This would allow you to use the explicit appliance as a backup if necessary, or to run some specific traffic therefore reducing load on the transparent device.

    Note that a Web appliance in transparent mode can still be used explicitly if you need to.  Eg. you can still put HOSTNAME:8080 in your proxy settings and it works fine.

    Best of luck picking out hardware - hopefully others on the forum can give some pointers too!

    Tom.

    :24849
Reply
  • 0

    I can't really help with specific Router recommendations, but the router needs to be capable of policy routing.  You could consider our own Astaro Security Gateway (a Sophos company).  The screenshots here shows how you can easily set up a policy routing rule:

    http://www.sophos.com/en-us/support/knowledgebase/114061.aspx

    Depending on what your goals are you could have 1xTransparent Appliance and 1xExplicit (The explicit appliance should be exempt from the policy routing rule).  This would allow you to use the explicit appliance as a backup if necessary, or to run some specific traffic therefore reducing load on the transparent device.

    Note that a Web appliance in transparent mode can still be used explicitly if you need to.  Eg. you can still put HOSTNAME:8080 in your proxy settings and it works fine.

    Best of luck picking out hardware - hopefully others on the forum can give some pointers too!

    Tom.

    :24849
Children
No Data