Skip to main content
oliverlag
oliverlag
New Member
July 29, 2011
Question

explicit web proxy in transparent mode

  • July 29, 2011
  • 3 replies
  • 23118 views
guys.. I feel a bit frustrated since this is a simple lab conf and it doesn' t work. I' ve my pc behind a FG50B in transparent mode. (don' t have Vdom). the FG has a mgmt ip address and I' m using it as proxy. I' ve then enabled the explicit proxy on the internal interface and enabled the explicit proxy on port 8080 (even on the browser). The default policy action is deny. Then.. I' ve I try to surf the web I get a: The page you requested has been blocked by a firewall policy restriction. You are not allowed to access this web page I' m not using any kind of authentication so far and I don' t find anything in the logs. I' m running MR2 patch 2. could someone open my eyes in where I' m wrong? (it' s a very minimal conf) tnx in advance..

    3 replies

    oliverlag
    oliverlagAuthor
    New Member
    August 1, 2011
    no help ? :( I' ve just updated to latest fw MR3patch1 and the behavior is the same. in NAT mode it works. tnx
    ejhardin
    ejhardin
    New Member
    August 2, 2011
    I assume that you have a firewall policy " from-webproxy: to-any" . You could change the default policy action to allow. If it works then it is a firewall policy issue.
    oliverlag
    oliverlagAuthor
    New Member
    August 2, 2011
    Hey Ejhardin.. after some test I' ve realized that the rule migrated from the previous firmware was wrong. I' ve re-created the rule as you suggested and it works now. Anyway I still have some issues with the FSSA but it' s just because of AD I guess. I mean.. if the proxy it doesn' t work is because I don' t have the user seen in the FG: ----FSSO logons---- IP: 10.0.10.75 User: AAAA Groups: CN=AAAA,OU=TEST_FG,DC=XXX,DC=LAN Total number of logons listed: 1, filtered: 0 ----end of FSSO logons---- In this case I do a logoff/logon and the user appears here above and everything seem fine. thanks for your help. Do you know maybe if there were some bugs in the previous fw for the proxy in transparent ? Was not working at all before with the MR2patch1. tnx Oliver
    Terms & ConditionsAccessibility statement