+ Post New Thread
Results 1 to 4 of 4
Internet Related/Filtering/Firewall Thread, SonicWall 2040 http port forwarding question in Technical; I hate the rules settings with a passion on this Sonicwall box, nothing seems to be logical. Anyway... I want ...
  1. #1
    Number6's Avatar
    Join Date
    Feb 2009
    Location
    Worcester, UK
    Posts
    457
    Thank Post
    2
    Thanked 9 Times in 8 Posts
    Rep Power
    13

    SonicWall 2040 http port forwarding question

    I hate the rules settings with a passion on this Sonicwall box, nothing seems to be logical.

    Anyway... I want to trap all internal web traffic on port 80 and transparently forward it to port 8080. My reasoning is to give our network transparent web filtering and proxying via the Dansguardian / squid box.

    I know that I can set proxy settings via GP, and I have done so, but this doesn't stop users manually modifying the proxy settings, nor installing browsers that won't pick up on the GP setting. We also have roaming users who are not AD users but who use internet access via our network. I'd also like to trap things like iPhone browsing. I want to send all web traffic to the proxy.

    Sooo.... can anyone who actually understands SonicWall's forwarding rules tell me if this is feasible and if so how I'd do it?

    Many thanks.

  2. #2


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,475
    Thank Post
    866
    Thanked 850 Times in 672 Posts
    Rep Power
    196
    This probably isn't practical. I've never seen one box do transparent capture and another box do filter/proxy except with WCCP, and you need cisco at the router for that.

    Bear in mind that you will lose all your hard work with squid/dg authentication if you go transparent - very few transparent proxies do auth (SmoothWall Guardian does, but its not the sort of thing that's particularly easy to replicate on your own!).

  3. #3
    Number6's Avatar
    Join Date
    Feb 2009
    Location
    Worcester, UK
    Posts
    457
    Thank Post
    2
    Thanked 9 Times in 8 Posts
    Rep Power
    13
    Quote Originally Posted by tom_newton View Post
    This probably isn't practical. I've never seen one box do transparent capture and another box do filter/proxy except with WCCP, and you need cisco at the router for that.

    Bear in mind that you will lose all your hard work with squid/dg authentication if you go transparent - very few transparent proxies do auth (SmoothWall Guardian does, but its not the sort of thing that's particularly easy to replicate on your own!).
    Will I?

    Are you sure? If a user on our network opens up a browser and requests a web page this would normally go out on port 80 or 443 through the firewall, if the firewall silently redirects port 80 / 443 traffic to port 8080 instead then the browser will still think it's talking to the web site but is passing it's header info to port 8080 instead? Wouldn't it? In which case wouldn't the authenticators in the header still be passed to DG?

  4. #4


    Join Date
    Sep 2009
    Location
    Yorkshire
    Posts
    206
    Thank Post
    64
    Thanked 69 Times in 45 Posts
    Rep Power
    23
    Short answer: Transparently proxied client is not aware of auth.

    (Tom is on leave)

SHARE:
+ Post New Thread

Similar Threads

  1. Port forwarding problems
    By ryanster in forum Internet Related/Filtering/Firewall
    Replies: 5
    Last Post: 29th January 2010, 07:56 AM
  2. Smoothwall Port Forwarding
    By danrhodes in forum Internet Related/Filtering/Firewall
    Replies: 8
    Last Post: 21st January 2010, 12:00 PM
  3. [Ubuntu] IPTables Port Forwarding
    By localzuk in forum *nix
    Replies: 17
    Last Post: 3rd June 2009, 10:18 PM
  4. Cachepilot port forwarding
    By localzuk in forum General Chat
    Replies: 6
    Last Post: 29th October 2008, 08:55 AM
  5. port forwarding problem
    By IA76 in forum Wireless Networks
    Replies: 3
    Last Post: 15th August 2008, 01:29 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •