Results 1 to 10 of 10
  1. #1
    Untangler
    Join Date
    Sep 2010
    Posts
    45

    Default Port Forward HTTP to proxy server

    I've install UT 8.0 and the problems is, how can i forward all HTTP traffic to proxy server, i've try used port forward in the network setting but it seem that the forward rules does not work, how can i trace all http traffic in my UT server?

  2. #2
    Untangler
    Join Date
    Sep 2010
    Posts
    45

    Default

    This is the screen for the setings, any error here?


  3. #3
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    "Destined Local" means it will only match traffic destined to one of Untangle's IPs.

    Even without that I'm not sure thats how squid will work as it won't know the original destination.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  4. #4
    Untangle Ninja dwasserman's Avatar
    Join Date
    Jun 2008
    Location
    Argentina
    Posts
    4,371

    Default

    Without a nice drawing with the workstations, the proxy , untangle and other relevant devices (router, switch) is difficult to interpret how the traffic flow.
    The world is divided into 10 kinds of people, who know binary and those not

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,494

    Default

    A proxy will never work this way... a reverse proxy maybe. But the Untangle server will have to be behind the proxy, otherwise the web requests from the proxy will be redirected right back to the proxy.

    In short, Untangle isn't designed to work this way. You're in uncharted water.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  6. #6
    Untangler
    Join Date
    Sep 2010
    Posts
    45

    Default

    OK, i've try the method that the proxy server infront of UT server but the connection to the internet ware too slow, then now i try to make the proxy parallel to the UT server. This is what i try to do here..



    can we do this?
    Last edited by syedadie; 12-29-2010 at 10:42 PM.

  7. #7
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,494

    Default

    Untangle can only have 1 path to the internet... however what you are asking for is possible. You'll simply need to create a firewall rule to prevent stations from getting out directly. Untangle will not be a proxy client.

    To do that just put the proxy behind Untangle like the rest of the LAN, and configure your workstations to use it.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  8. #8
    Untangler
    Join Date
    Sep 2010
    Posts
    45

    Default

    So that i need to block all http/https traffic in firewall at UT server and setting all client to used proxy for web browsing?

    Thanks

  9. #9
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,494

    Default

    Don't take this the wrong way... but if you're asking those questions you're missing several critical qualifications to even be doing this. If this network is for experimentation then sure... but if this has any real live value you're risking quite alot.

    For the sake of them being crazy questions because you're unfamiliar with Untangle...

    The firewall rule you need is to simple deny access to TCP port 80, and TCP port 443 outbound. Then create a second rule above the block rule that allows access to both of those ports from the IP address of the proxy. That way all of the workstations on the network can't get out unless they talk to the proxy. There are ways to bypass that... but such is life.

    As for configuring each workstation to use the proxy, that is outside the scope of Untangle. It's a browser specific configuration to tell each web browser to use a proxy server. There are many ways to do this, none of which I'm all that familiar with because I don't use proxy servers. I've had far more issues with them, and in my world, they cause far more problems than they solve.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #10
    Untangler
    Join Date
    Sep 2010
    Posts
    45

    Default

    OK, thanks for all the ideas I've be do some testing in my network here, so now i'm putting about 30 client to used the proxy (manually configured), if it done well, then i need to reconfigure the UT box to block all HTTP/HTTPS traffic and educate user to used proxy to access to the web. So i think this post will be closed

    Thanks again.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2