Internet Related/Filtering/Firewall Thread, SmoothWall and Proxy Sites in Technical; Hiya All!
We're currently having an issue with Proxy sites being used by the kids, where is it in the ...
26th March 2009, 04:18 PM #1
SmoothWall and Proxy Sites
We're currently having an issue with Proxy sites being used by the kids, where is it in the smoothwall filter setup to block proxy sites? i cant seem to find it!!.....
Ive also tried to use reporting on the one kid who's apparently been using proxy sites but i really cant get the reporting side to work!!!
26th March 2009, 05:43 PM #2
Off the top of my head I can't remember where it is - but their is an option to block non-signed SSL certificates, I would imagine these are the sort of proxy sites you are coming up against. Do a search on the site I am sure it will have been mentioned several times.
26th March 2009, 06:43 PM #3
Right...I think ive found out whats going on...
All students are in 1 group called "Student Users" which i thought was fine, now further looking into it some students are being mapped as "Default Users" right...so the default users have almost no policy against them...
Strange the only difference i can see is the "Primary group" in active directory, if there set to the smoothwall student group they are mapped as default users BUT if there primary group is "Students" (another one of our group in AD) then they are mapped to the proper Students group in the smoothwall...
If that makes sence...
26th March 2009, 11:01 PM #4
Quick Fix, map the Default Users group to No Proxy / interet etc that will stop them and then you need to suss out why the students are not getting into that group.
27th March 2009, 07:47 AM #5
Was my way of thinking and i did do that at first, but i would say that 3/4 of the pupils arent getting mapped to the right group, so i had about 30 knocks on the door within a space of 5 mins!! so ive applied some rules to the Default Group now for a temporary fix!!
Originally Posted by john
27th March 2009, 09:46 AM #6
Hi guys, sorry for the delay getting back to you on this.
If users are getting mapped to "default users" in usually means that the lookup to active directory hasn't returned any groups that are mapped on the SW. This may also in rare cases be because you have the user mapped to multiple SW groups that are conflicting in some way.
Best way to sort is to make sure that each user is in only one group that is mapped on the SW. Most people will facilitate this by making sw_staff, sw_year7, sw_year8 etc groups in AD, and then map one-to-one on the SW itself. Makes things a bit easier to manage.
As for blocking proxies, it does sound like there isn't a blocking issue per se but more of a group assignment problem. Just to summarise anyway, to block proxies:
- ensure the "web proxies" category is ticked to be blocked on the content and url filter.
- ensure on the "per group settings" page that you are blocking invalid HTTPS certificates for the required groups.
- it will help if you also have "deep URL inspection" turned on on the per group settings page.
- when you get the FP2 update next week, turn on "SSL Interception" and push out the certificate of the SmoothWall via AD/zenworks/manually to do all the usual filtering rules on HTTPS content.
Any problems, please feel free to give us a call.
Thanks to rob_f from:
mmoseley (27th March 2009)
27th March 2009, 10:25 AM #7
Thanks for the reply, it will certainly help, i will give it a go over easter!!!
Cheers and all the best!
By ssiruuk2 in forum *nix
Last Post: 2nd January 2009, 02:05 PM
By whatwherewhen in forum Links
Last Post: 28th October 2008, 03:14 PM
By bishopsgarthstockton in forum Links
Last Post: 7th December 2006, 11:29 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)