Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 3 subscribers
  • Views 2090 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Outbound Gateway and authentication for https

prakash patil

for UTM OG (outbound gateway) in AWS - I understand that UTM9 OGW, it is possible to configure a transparent forward proxy in AWS.

Is authentication supported with this use case ? Meaning - we want all outbound access to the internet from private subnets to be authenticated by a user/password? MOre importantly is this supported for outbound https scenarios?

 

Thanks

 



This thread was automatically locked due to age.
Parents
  • 0

    Hi, Prakash, and welcome to the UTM Community!

    Yes, this can be done with Web Filtering.  Do you want to use Browser authentication or do you have Active Directory that would allow authentication to be transparent?  Note that authentication requires a separate IP for each user.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    as of now the need is for just simple userpass variable in Linux env setting for (http_proxy) that supports passing user name nd password (hardcoded) but we may plan to integrate in openldap or AD.

    So for https traffic, it intercepts and does the auth ? how far in the payload does it tear down to do the auth (headers only or more) ? and how does it handle the cert trust issue for https certs that the proxy itself will present ?

     

Reply
  • 0 in reply to BAlfson

    as of now the need is for just simple userpass variable in Linux env setting for (http_proxy) that supports passing user name nd password (hardcoded) but we may plan to integrate in openldap or AD.

    So for https traffic, it intercepts and does the auth ? how far in the payload does it tear down to do the auth (headers only or more) ? and how does it handle the cert trust issue for https certs that the proxy itself will present ?

     

Children
No Data
Unfiltered HTML