Skip to main content
Rekwell
New Member
July 19, 2024
Question

Explicit proxy

  • July 19, 2024
  • 3 replies
  • 2709 views

Hello,

 

I set up an explicit proxy a proxy on a fortigate 80F version 7.4.4.

 

My configuration:

 

  • Interface 4: 10.0.100.1/24, Explicit Web Proxy Enabled
  • Explicit Proxy: Internal4 listener, HTTP port 8080
  • Authentication scheme: Basic, local
  • Authentication rule: src all, Int4 inbound interface, HTTP protocol, auth scheme "test_proxy_schema"
  • Proxy policy: wan1 egress interface, src all, dst all, webproxy service

 

The IP of the proxy interface has been configured on a pc directly connected to the firewall port.

My colleague who has control over this pc runs a continuous ping to 8.8.8.8.

I don't see any traffic that matches with my proxy Policy.

 

Can you help me, please? 

 

3 replies

ozkanaltas
Valued Contributor III
July 19, 2024

Hello @Rekwell ,

 

Can you try http or https traffic instead of ping?

 

When I review the FortiGate document for explicit proxy this document says "Explicit web proxy can be configured on FortiGate for proxying HTTP and HTTPS traffic.". That means explicit proxy just works for HTTP and HTTPS traffic.

 

https://docs.fortinet.com/document/fortigate/7.4.4/administration-guide/300428/explicit-web-proxy

Rekwell
RekwellAuthor
New Member
July 22, 2024

Thank you for your answer. My colleague is absent today. I won't be able to do my checks until tomorrow.

pminarik
Staff
Staff
July 22, 2024

It's an explicit web proxy, i.e. HTTP-based proxy. It will only carry traffic that can be proxied over HTTP, which ping usually cannot.

If you want to test it properly, rather do something like curl http(s)://some.website.