
Transparent proxy multiple downstream subnets

Community,

I tried and failed to set up a UTM 9 between two routers in fully transparent mode.  I'd like to know if this is a supported configuration.

I have an existing firewall, connected to another internal router, with the internal router having a couple of internal client and server subnets.

The web filtering in transparent mode works when the client device is in the subnet directly behind the UTM, but when I put the UTM between the two routers so it will filter traffic from all the internal subnets, it doesn't work.

I have changed settings to allow additional subnets, set the firewall to any/any, etc.

Is this a supported configuration or is anyone else doing this currently?  What settings did you modify?

In the logs, I was getting web traffic blocked due to "error=connection to server timed out" and "passthrough.fw-notify.net", which are very frequently posted in the forum, but I saw no solution that fixed the problem.

Anyone know anything about this?



  • For your configuration, I would think putting the UTM immediately behind the firewall on a bridged connection would be necessary to achieve the desired results.

    For transparent mode to work, the traffic has to naturally flow through UTM based on your routing configuration.   If UTM is between two internal routers, traffic on the firewall side of UTM will have no reason to go through UTM.

    With standard mode, UTM can be anywhere in your network.  I recommend using both.  Standard mode provides better accountability and handles non-standard ports, while transparent mode catches traffic that does not, or cannot, honor the proxy configuration settings.
