Hello,
i have a question regarding Sophos proxy internet access / firewall rules,
I have on eth2 my VPN Router in a DMZ. The Router connects via OpenVPN Client to the Internet.
Eth2 DMZ Config
10.0.0.1 / 24
Default GW: 10.0.0.3 (OpenVPN Router)
Multipath Rule:
Internal Network – Any – Internet IPv4 – By Interface – DMZ VPN
When I access the Internet from my LAN Devices I can browse Internet over the OpenVPN Router in the DMZ, this works fine. But my questions are:
- In the Firewall Rule is the Standard Web Surfing Group with the Services:
http 80, https 443, http proxy 8080, http web cache 3128 included. Under allowed services is also http, https and http proxy included.
Means this now, that when a LAN Client access a Website, the client directly accesses the website while in the allowed target services http, https, and http proxy 8080 are defined? Should it for security reasons not be that the client asks the Proxy, and the Proxy connects to the Website?
- I saw under Network Protection – Advanced the possibility to activate an Generic Proxy, in which scenario would this be useful?
Thanks a lot!
Best Regards
Sally
This thread was automatically locked due to age.