Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Rekwell
New Contributor

Explicit proxy

Hello,

 

I set up an explicit proxy a proxy on a fortigate 80F version 7.4.4.

 

My configuration:

 

  • Interface 4: 10.0.100.1/24, Explicit Web Proxy Enabled
  • Explicit Proxy: Internal4 listener, HTTP port 8080
  • Authentication scheme: Basic, local
  • Authentication rule: src all, Int4 inbound interface, HTTP protocol, auth scheme "test_proxy_schema"
  • Proxy policy: wan1 egress interface, src all, dst all, webproxy service

 

The IP of the proxy interface has been configured on a pc directly connected to the firewall port.

My colleague who has control over this pc runs a continuous ping to 8.8.8.8.

I don't see any traffic that matches with my proxy Policy.

 

Can you help me, please? 

 

3 REPLIES 3
ozkanaltas
Valued Contributor III

Hello @Rekwell ,

 

Can you try http or https traffic instead of ping?

 

When I review the FortiGate document for explicit proxy this document says "Explicit web proxy can be configured on FortiGate for proxying HTTP and HTTPS traffic.". That means explicit proxy just works for HTTP and HTTPS traffic.

 

https://docs.fortinet.com/document/fortigate/7.4.4/administration-guide/300428/explicit-web-proxy

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
Rekwell
New Contributor

Thank you for your answer. My colleague is absent today. I won't be able to do my checks until tomorrow.

pminarik
Staff
Staff

It's an explicit web proxy, i.e. HTTP-based proxy. It will only carry traffic that can be proxied over HTTP, which ping usually cannot.

If you want to test it properly, rather do something like curl http(s)://some.website.

[ corrections always welcome ]
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors