This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

2 Qs

Two questions about the web filter --

1> I just discovered that if the web filter is engaged on a particular network definition, that I do not need a firewall rule to support web browsing. Is this expected behavior?

2> With the filter engaged, packets leaving the UTM show the external interface as the source. With the filter not engaged (firewall rule engaged or not) the packets show the IP address of the internal host as the source. Why is this so?        ....if it matters, in this scenario a downstream VACL is blocking traffic due to the change in source IP.

Here are my capture files.

Thank you!



This thread was automatically locked due to age.
Parents
  • 1.  Yes, that is expected.


    2.  Yes, again, that is expected.  Webfiltering enables a proxy server (either standard or transparent), so for that browsing, it will appear as though the firewall itself is the browsing client and will proxy that information back to you.  It allows for a more secure (?) separation of the endpoints and the Internet.

Reply
  • 1.  Yes, that is expected.


    2.  Yes, again, that is expected.  Webfiltering enables a proxy server (either standard or transparent), so for that browsing, it will appear as though the firewall itself is the browsing client and will proxy that information back to you.  It allows for a more secure (?) separation of the endpoints and the Internet.

Children
No Data