I´ve ran into a problem, as I wanted to prepare an iview2 evaluation for one of our customers. In this scenario, theres no direct internet connection available! As far as i figured out, there is no possibility to activate and uses iView2. That´s a pitty and why isn´t a proxy feature included?
Is there a way to make iview2 use a proxy with the CLI ?
If your client has a Sophos firewall, then go to Web Protection > Filtering Options > Misc and add IVIEW to Skip Transparent Mode Source Hosts/Nets.
1. no possibility to get in touch with the main firewall administrator
2. the only possibility to get internet access is using their proxyserver
I can´t follow your thoughts... Let´s assume, the customer has installed an utm, for what reason should I deactivate the transparent mode? If that would be the given situation, transparent would be a working scenario to get it activated!
Think of it as a proxy bypass list that will not be subject to the proxy interception. However, it's a moot point if you don't have access to the Sophos firewall or whatever firewall the client has.
Same problem here.
I could bypass my own proxy, but there is another upstream proxy which has to be used to get internet access.
Adding proxy support to iView is the only sensible solution here. According to my UTM logs, iView tries to connect with HTTPS so that shouldn't be too hard to do.
we used a VM with Sophos utm 9.4x for this purpose, in the same network segment. Define the default gateway of the iview2 server towards the Sophos proxy and allow the iview2 to use the proxy in transparent mode.
yes, that´s one possible solution. But I think there will be situations, where you don´t have this possibility and so it would be much better to implement proxy functionality or some kind of manual licensing option for such cases.
I totally agree that Iview should support proxy functionality, in fact iview1 supported this also. My solution is just implemented as a workaround.
I've done it this way:
On your super UTM box you're able to setup more than one Web Protection proxies, with different set of settings. I've set the iView proxy with no auth and transparent mode thus having only the iView box in the allowed networks..