Redirect HTTP Traffic to Explicit Proxy (Can't use WCCP)

Forum|Forum|10 years ago
May 19, 2016
1 reply
7570 views

I have an explicit proxy in the cloud. I want to redirect internal HTTP traffic from a select few clients to that explicit proxy transparently. This is possible on Sonicwall, ASAs, Juniper, Checkpoint, etc., but I cannot find a way to policy route traffic to the cloud proxy with my Fortigate. I cannot use WCCP as the proxy is in the cloud and that proxy can't be configured in a WCCP service group.

I'm able to route traffic to another cloud proxy that is connected via an IPSec tunnel with this Fortigate so that routing works, but for this specific cloud hosted proxy, I cannot use IPSec.

Is this possible in any way with a Fortigate? I have an 80C running 5.2.4.

Jeff_FTNT

Staff

FGT support explicit proxy, you may set up explicit proxy on FGT and use "Proxy chaining" to forward traffic to "web proxy forwarding servers" .

BrianVAuthor

New Member

I'm familiar with proxy chaining, I'm actually trying to test specifically HTTP redirection, I'll just use a different edge device, but it's good to know I can go that route.

Thanks

emnoc

New Member

Qs

So if the ASA Sonicwall can do this , how are they doing it?

1>

I would think a PAC/WPAD deployment would give you want and with the cloud proxy for the handfull of clients. You can use identity and authorization for the clients.

2>

You can also build a reverse virt-server if you have multiple proxies and need to have HA and publish the internal vip for the client proxy address.

Ken

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded