- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Explicit proxy
Hello,
I set up an explicit proxy a proxy on a fortigate 80F version 7.4.4.
My configuration:
- Interface 4: 10.0.100.1/24, Explicit Web Proxy Enabled
- Explicit Proxy: Internal4 listener, HTTP port 8080
- Authentication scheme: Basic, local
- Authentication rule: src all, Int4 inbound interface, HTTP protocol, auth scheme "test_proxy_schema"
- Proxy policy: wan1 egress interface, src all, dst all, webproxy service
The IP of the proxy interface has been configured on a pc directly connected to the firewall port.
My colleague who has control over this pc runs a continuous ping to 8.8.8.8.
I don't see any traffic that matches with my proxy Policy.
Can you help me, please?
- Labels:
-
Explicit proxy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @Rekwell ,
Can you try http or https traffic instead of ping?
When I review the FortiGate document for explicit proxy this document says "Explicit web proxy can be configured on FortiGate for proxying HTTP and HTTPS traffic.". That means explicit proxy just works for HTTP and HTTPS traffic.
https://docs.fortinet.com/document/fortigate/7.4.4/administration-guide/300428/explicit-web-proxy
NSE 4-5-6-7 OT Sec - ENT FW
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for your answer. My colleague is absent today. I won't be able to do my checks until tomorrow.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It's an explicit web proxy, i.e. HTTP-based proxy. It will only carry traffic that can be proxied over HTTP, which ping usually cannot.
If you want to test it properly, rather do something like curl http(s)://some.website.