Transparent mode - DMZ

Hi guys.

Interesting problem. Upside down

I have interesting problem.

I have some devices in my DMZ, which I need to reach over HTTP.

For security reasons, I need to allow access to these resources only from one internal net (let's say 192.168.40.0/24).

All protocols work fine (Firewall - allow any for this Net, and block all others).

My problem is with HTTP/S: it works only when I add the DMZ net to the skip transparent list.
Filtering Options – Exception doesn’t work for this.

The problem is that in this situation everybody can reach those resources.

Any idea what to do?

 

Thanks…

2022:12:02-12:48:03 mhgate-1 httpproxy[6684]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="10.13.0.71" dstip="192.168.40.10" user="" group="" ad_domain="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (MH Content filter action)" size="3283" request="0xcd426e00" url="192.168.40.10/.../login.html" referer="" error="Connection reset by peer" authtime="0" dnstime="130" aptptime="151" cattime="83404" avscantime="0" fullreqtime="90430" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:107.0) Gecko/20100101 Firefox/107.0" exceptions="" category="9998" reputation="unverified" categoryname="Uncategorized"

Thanks..



This thread was automatically locked due to age.
  • Hi Goldy,

    According to your log, your internal client IP was 10.13.0.71 and the DMZ webserver had 192.168.40.10. Do you have any net/IP limitations in your DMZ web server configuration (192.168.40.10)?

    I ask because a request over a (transparent) web proxy results in web requests coming from the firewall IP. So in your case it will come from the DMZ IP of your firewall (192.168.40.1?). If you skip the transparent proxy, the requests will come from the original client IP (10.13.0.71).

    bye Josef

    BERGMANN engineering & consulting GmbH, Wien/Austria
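
Added example (not part of the original thread and not Sophos tooling): a small Python parser for the key="value" log format quoted above. It separates requests the proxy could not complete to the server (5xx status plus an error string, as in the posted line) from filter denials. The classification rule and the second sample line are assumptions constructed for illustration.

```python
import re

# key="value" pairs, the field format of the httpproxy line quoted in the thread
FIELD_RE = re.compile(r'(\w+)="([^"]*)"')

def parse_fields(line):
    """Return the key="value" pairs of one httpproxy log line as a dict."""
    return dict(FIELD_RE.findall(line))

def classify(fields):
    """Heuristic assumed for this example, not a vendor rule:
    a block with a 5xx status and an error string means the proxy could not
    complete the request to the server; any other block is a filter decision."""
    if fields.get("action") != "block":
        return "passed"
    if fields.get("statuscode", "").startswith("5") and fields.get("error"):
        return "upstream_failure"
    return "policy_block"

def summarize(lines):
    """Return (srcip, dstip, verdict, error) for every web proxy record."""
    rows = []
    for line in lines:
        f = parse_fields(line)
        if f.get("sys") != "SecureWeb":
            continue  # not a web proxy record
        rows.append((f.get("srcip"), f.get("dstip"), classify(f), f.get("error", "")))
    return rows

SAMPLE = [
    # shortened copy of the line posted in the thread
    '2022:12:02-12:48:03 mhgate-1 httpproxy[6684]: id="0002" sys="SecureWeb" '
    'sub="http" name="web request blocked" action="block" method="GET" '
    'srcip="10.13.0.71" dstip="192.168.40.10" statuscode="502" '
    'error="Connection reset by peer"',
    # constructed line (all values invented) showing a filter denial
    '2022:12:02-12:50:00 mhgate-1 httpproxy[6684]: sys="SecureWeb" sub="http" '
    'name="web request blocked" action="block" method="GET" '
    'srcip="10.13.0.72" dstip="203.0.113.5" statuscode="403" error=""',
]

if __name__ == "__main__":
    for row in summarize(SAMPLE):
        print(row)
```

An "upstream_failure" verdict for a DMZ destination points at the server or a rule behind the proxy refusing the connection, which is where the source-IP question in the reply above applies.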
