Web protection - enforce proxy standard mode

Hej,

is it possible to reduce firewall rule or web protection profiles to proxy standard mode and deactivate transparent mode for this rule?

Parents Reply Children
  • Hello Steppenwolf,

    You can prevent transparent access to the internet on 80/443. I'm not sure where the miscommunication has occurred but if you only want proxied access to the internet you only need a firewall rule (LAN to WAN) with the Proxy port found under Web Protection > General Setting. Default is 3128 but i like to change it to 8080. The allowed destination services are are also enabled in the same place as the port. I have several deployments where this is being done. So to summarise:

    • Source Zone: LAN
    • Destination Zone: WAN
    • Service: Proxy port service definition
    • Enable a Web Policy of choice
    • Enable MASQ

    By doing this, the XG will allow access to the internet if you proxy via it but will not allow general access to the internet via 80/443 transparently.

    I have selected the appropriate answer in this thread.

    Emile