Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Routing for Proxy and bypass proxy
HI All,
I have 4 interface as below:
Port 13 = WAN 1 x.x.x.x
Port 14 = WAN 2 x.x.x.x
Port 15 = WAN 3 x.x.x.x
Port 9 = Internal 192.168.1.1
I have 4 static routes as below:
destination 0.0.0.0/0 gateway x.x.x.x (WAN 1)
destination 0.0.0.0/0 gateway x.x.x.x (WAN 2)
destination 0.0.0.0/0 gateway x.x.x.x (WAN 3)
destination 192.168.1.0/24 gateway 192.168.1.2
192.168.1.2 is their proxy server.
Computer that access internet need to point their gateway to the proxy server to access internet. This is working fine. Customer request that they want certain PC to bypass the proxy server and point directly to Fortigate.
To bypass the proxy server, the computer needs to point their gateway to the firewall interface which is 192.168.1.1. The computer that bypass proxy have speed problems. How do i configure the routing for the computer that needs to bypass the proxy?
- « Previous
-
- 1
- 2
- Next »
12 REPLIES 12
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
To assist you could ping from the FGT CLI (" exec ping a.b.c.d" ). It doesn' t have all the options but it might give you a clue. If you see dropped packets when pinging from the FGT to a remote target then the WAN line has hickups.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Actually i already tried that and no timeout at all. So its definitely the firewall that causing the timeout and i think its because i wrongly create the additional static route
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Your setup looks solid, especially if policies #4 and #6 are just for logging violations. If the 'Bypass' group is still having issues, checking ping times and traceroutes might help. For more advanced proxy solutions, you could look into websites like proxyrotator.com.
- « Previous
-
- 1
- 2
- Next »