+ Post New Thread
Results 1 to 8 of 8
Internet Related/Filtering/Firewall Thread, Smoothwall transparent proxy mode in Technical; Hi, I was wondering how a Smoothwall appliance works in transparent mode without any client configuration? All our wireless devices ...
  1. #1

    Join Date
    Apr 2012
    Location
    Shropshire
    Posts
    12
    Thank Post
    2
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Smoothwall transparent proxy mode

    Hi,

    I was wondering how a Smoothwall appliance works in transparent mode without any client configuration? All our wireless devices get DHCP addresses and then users have to manually configure the proxy address. How and where would we deploy an appliance where we could set a manual proxy for our owned network devices but then BYOD devices we want to auto connect via transparent mode with SSL login page with there AD credentials.

  2. #2

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,821
    Thank Post
    272
    Thanked 1,140 Times in 1,036 Posts
    Rep Power
    351
    You would need to setup the Smoothwall to be the default gateway - it can then have rules to setup SSL login page from transparent connections and then have all your networked machines controlled VIA pointing to non-transparent port and use NTLM. Works here and I know thats the way others have it setup.

    Toby

  3. 2 Thanks to glennda:

    Nathaniel (26th April 2012), tom_newton (27th April 2012)

  4. #3

    Join Date
    Apr 2012
    Location
    Shropshire
    Posts
    12
    Thank Post
    2
    Thanked 1 Time in 1 Post
    Rep Power
    0
    So can the Smoothwall be configured with various IP addresses on different ports. Our wireless devices are on a different vLan with different default gateways to that of other devices. So we could set the transparent port to be the default gateway of the wireless vlan? and then have another port for our LAN traffic which we can give an address which becomes the proxy address of our owned machines.

  5. #4

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,821
    Thank Post
    272
    Thanked 1,140 Times in 1,036 Posts
    Rep Power
    351
    Yes you should be able to setup multiple Internal Interfaces but you can also do it with a single NIC (as I do)

    The way we have ours setup is as follows
    One External WAN Nic
    One Internal Lan Nic
    All Vlans have the Default Gateway of our Core switch which the routes any unknown Traffic to the Smoothwall, you would just need to setup the routes on the smoothwall so it knows where to route the internal traffic. Traffic is controlled VIA the ACLs on the Switch.

  6. #5

    Join Date
    Apr 2012
    Location
    Shropshire
    Posts
    12
    Thank Post
    2
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by glennda View Post
    Yes you should be able to setup multiple Internal Interfaces but you can also do it with a single NIC (as I do)

    The way we have ours setup is as follows
    One External WAN Nic
    One Internal Lan Nic
    All Vlans have the Default Gateway of our Core switch which the routes any unknown Traffic to the Smoothwall, you would just need to setup the routes on the smoothwall so it knows where to route the internal traffic. Traffic is controlled VIA the ACLs on the Switch.
    Then i presume the smoothwall routes non local traffic to your firewall?

  7. #6

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,821
    Thank Post
    272
    Thanked 1,140 Times in 1,036 Posts
    Rep Power
    351
    Quote Originally Posted by Nathaniel View Post
    Then i presume the smoothwall routes non local traffic to your firewall?
    Kind of - We have the Advanced Firewall so it is the Firewall as well as Filter

  8. #7

    Join Date
    Mar 2007
    Location
    Devon
    Posts
    1,048
    Thank Post
    226
    Thanked 63 Times in 56 Posts
    Rep Power
    30
    I'm starting to look at this option for our BOYD system, with laptops we have instructions sheets but the same system wont work with tablet devices.

    Am i thinking this right, our default gateway on DHCP is set to SW, setup the transparent policy to redirect users to SSL page and magically all works?

  9. #8

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,821
    Thank Post
    272
    Thanked 1,140 Times in 1,036 Posts
    Rep Power
    351
    In theory Yes!

  10. Thanks to glennda from:

    dave.81 (15th May 2012)



SHARE:
+ Post New Thread

Similar Threads

  1. Smoothwall Transparent Proxy one one port only
    By robk in forum Internet Related/Filtering/Firewall
    Replies: 3
    Last Post: 8th April 2010, 04:31 PM
  2. Squid Transparent Proxy.
    By Jackd in forum Network and Classroom Management
    Replies: 2
    Last Post: 25th July 2007, 07:54 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •