I've install UT 8.0 and the problems is, how can i forward all HTTP traffic to proxy server, i've try used port forward in the network setting but it seem that the forward rules does not work, how can i trace all http traffic in my UT server?
I've install UT 8.0 and the problems is, how can i forward all HTTP traffic to proxy server, i've try used port forward in the network setting but it seem that the forward rules does not work, how can i trace all http traffic in my UT server?
This is the screen for the setings, any error here?
![]()
"Destined Local" means it will only match traffic destined to one of Untangle's IPs.
Even without that I'm not sure thats how squid will work as it won't know the original destination.
Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
If you need Untangle support please call or email support@untangle.com
Without a nice drawing with the workstations, the proxy , untangle and other relevant devices (router, switch) is difficult to interpret how the traffic flow.
The world is divided into 10 kinds of people, who know binary and those not
A proxy will never work this way... a reverse proxy maybe. But the Untangle server will have to be behind the proxy, otherwise the web requests from the proxy will be redirected right back to the proxy.
In short, Untangle isn't designed to work this way. You're in uncharted water.
Rob Sandling, BS:SWE, MCP
NexgenAppliances.com
Phone: 866-794-8879 x201
Email: support@nexgenappliances.com
OK, i've try the method that the proxy server infront of UT server but the connection to the internet ware too slow, then now i try to make the proxy parallel to the UT server. This is what i try to do here..
can we do this?
Last edited by syedadie; 12-29-2010 at 10:42 PM.
Untangle can only have 1 path to the internet... however what you are asking for is possible. You'll simply need to create a firewall rule to prevent stations from getting out directly. Untangle will not be a proxy client.
To do that just put the proxy behind Untangle like the rest of the LAN, and configure your workstations to use it.
Rob Sandling, BS:SWE, MCP
NexgenAppliances.com
Phone: 866-794-8879 x201
Email: support@nexgenappliances.com
So that i need to block all http/https traffic in firewall at UT server and setting all client to used proxy for web browsing?
Thanks
Don't take this the wrong way... but if you're asking those questions you're missing several critical qualifications to even be doing this. If this network is for experimentation then sure... but if this has any real live value you're risking quite alot.
For the sake of them being crazy questions because you're unfamiliar with Untangle...
The firewall rule you need is to simple deny access to TCP port 80, and TCP port 443 outbound. Then create a second rule above the block rule that allows access to both of those ports from the IP address of the proxy. That way all of the workstations on the network can't get out unless they talk to the proxy. There are ways to bypass that... but such is life.
As for configuring each workstation to use the proxy, that is outside the scope of Untangle. It's a browser specific configuration to tell each web browser to use a proxy server. There are many ways to do this, none of which I'm all that familiar with because I don't use proxy servers. I've had far more issues with them, and in my world, they cause far more problems than they solve.
Rob Sandling, BS:SWE, MCP
NexgenAppliances.com
Phone: 866-794-8879 x201
Email: support@nexgenappliances.com
OK, thanks for all the ideasI've be do some testing in my network here, so now i'm putting about 30 client to used the proxy (manually configured), if it done well, then i need to reconfigure the UT box to block all HTTP/HTTPS traffic and educate user to used proxy to access to the web. So i think this post will be closed
Thanks again.