Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 0 subscribers
  • Views 18066 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Web Appliance Network design???

searching1

Hi, I have sophos web appliance v3.9.4.1

My Current set up the browser of all users has a proxy which is 10.34.63.237 on their browser network config. but the problem is when I remove it im not connected to sophos and sophos can't monitor that user.

I was wondering if this setup is possible.

from workstation to router Router DGway it will pass all packet to sophos and from sophos to theISP router???

please see the attached file?

thanks

:57439


This thread was automatically locked due to age.
Parents
  • 0

    Hello,

    If you wish not to use proxy settings (explicit proxy mode), you will want to configure the appliance in Transparent mode where you have a router or firewall use a Policy Based Route to redirect port 80 and 443 request to the applaince.  Please see the following section in the documenation for more information:

    http://wsa.sophos.com/docs/wsa/swa4_docs/#tasks/IntroGSNetDeployTransparentDeployment.htm

    Petr.

    :57453
  • 0 in reply to PetrBenda
    Hi,

    I've configured transparent mode and http/s traffic has being forwarded to SWA but there's a time that when browsing the loading/Display process is slow.

    When configuring transparent mode is there any requirements? I'm using a Gig/Router and switch on core.

    Or any best practice for this design.

    Thank you.
  • 0 in reply to searching1
    Hi,

    Generally you just need 2 policy based routes, one for HTTP to port 80 and one for HTTPS to port 443, set on your router. If the appliance requests also go through the same router, you will need to create a exemption from the policy based routes your created to avoid a loop.

    Is the slowness you are experiencing all the time, or is it intermittent? Does it affect all users, or just one or a few?

    Also, make sure you have upgraded your appliance to the latest version as we have made major performance improvements in v4 to the proxy engine.

    Petr.
Reply
  • 0 in reply to searching1
    Hi,

    Generally you just need 2 policy based routes, one for HTTP to port 80 and one for HTTPS to port 443, set on your router. If the appliance requests also go through the same router, you will need to create a exemption from the policy based routes your created to avoid a loop.

    Is the slowness you are experiencing all the time, or is it intermittent? Does it affect all users, or just one or a few?

    Also, make sure you have upgraded your appliance to the latest version as we have made major performance improvements in v4 to the proxy engine.

    Petr.
Children
Unfiltered HTML