Search found 163 matches
- 03 Aug 2017 20:19
- Forum: Other General Configuration
- Topic: Bypass URL List
- Replies: 1
- Views: 8059
Re: Bypass URL List
Hi, Well, my responses below: - Excluding a domain name from the SSL mediation: YES , you can do that with exception lists. Please refer to the documentation at: http://www.cacheguard.net/doc/guide/ssl_mediation.html#exceptions . - Excluding a domain name from the URL guarding: YES , by reviewing yo...
- 25 Jul 2017 18:43
- Forum: Configure CacheGuard in frowarding mode
- Topic: Transparent HTTP Proxy
- Replies: 16
- Views: 24949
Re: Transparent HTTP Proxy
If you define transparent networks ([NETWORK] > [Main Settings] > [Transparent Networks]), you tell to CG to only intercept traffic from those networks and let traffic from other networks being simply routed (without interception --> without any treatment by CG). If no transparent network is defined...
- 25 Jul 2017 18:30
- Forum: Configure CacheGuard in frowarding mode
- Topic: Transparent HTTP Proxy
- Replies: 16
- Views: 24949
Re: Transparent HTTP Proxy
Your configuration seems to be good. You can turn off the dns mode if you don't use CG as DNS for other machines.
- 25 Jul 2017 18:28
- Forum: Configure CacheGuard in frowarding mode
- Topic: Transparent HTTP Proxy
- Replies: 16
- Views: 24949
Re: Transparent HTTP Proxy
Actually you mentioned this: Workstation IP is .13 -> pfSense CG Vlan .254 -> CG .250 -> ASA -> Internet Which is not exactly the same as the network topology we used in our lab. Does it mean that in addition to this your pfsense is directly connected to your ASA ? I mean do you have the following (...
- 25 Jul 2017 15:44
- Forum: Configure CacheGuard in frowarding mode
- Topic: Transparent HTTP Proxy
- Replies: 16
- Views: 24949
Re: Transparent HTTP Proxy
Hi, The port to route via CG should be the HTTP port (80) and not thttp (8081) which is for internal usage by CG only. Please don't modify this port unless you know what you do. Also you can't transparently route https traffic (port 443) via CG unless you activate the ssl mediation (on CG). SSL is p...
- 23 Jul 2017 14:40
- Forum: Configure CacheGuard in frowarding mode
- Topic: Transparent HTTP Proxy
- Replies: 16
- Views: 24949
Re: Transparent HTTP Proxy
Hi, We just finished to test the proposed architecture in our lab using a pfSense 2.3.4-RELEASE. We have found that pfSense policy routing does not work if both gateways (CG and ASA) are in the same VLAN. This is either a pfSense bug or a feature. Therefore we created a dedicated connectivity VLAN (...
- 21 Jul 2017 19:15
- Forum: Configure CacheGuard in frowarding mode
- Topic: Transparent HTTP Proxy
- Replies: 16
- Views: 24949
Re: Transparent HTTP Proxy
Hi, If I understand this correctly the internal IP of your CG should be 192.168.254.21 and its external IP 192.168.253.21. Also my understanding is that your CG is implemented in parallel with your (Cisco ASA Routing / FW) at the DC end. Therefore CG as an explicit proxy is reached at 192.168.254.21...
- 21 Jul 2017 18:56
- Forum: Configure CacheGuard in frowarding mode
- Topic: Transparent HTTP Proxy
- Replies: 16
- Views: 24949
Re: Transparent HTTP Proxy
Hi Thank you for your post. Can you please give me the internal and external IP addresses (or equivalent fictitious IP addresses) of your CG so I can figure out where your CG is implemented in the chain? Also you can find useful information in the documentation at: http://www.cacheguard.net/doc/guid...
- 07 Jul 2017 10:28
- Forum: Configure the URL Guarding
- Topic: Url-Guarding Issue
- Replies: 15
- Views: 26201
Re: Url-Guarding Issue
Hi, We built a similar configuration in our lab but we were not able to reproduce any issue related to the URL guarding. The issue may come from other features. Can you please disable the compress mode? The combination of the antivirus and compress modes is still unstable in the EH 1.3.1. Our engine...
- 07 Jul 2017 10:15
- Forum: Appliance Registration
- Topic: CG-OS-EH-1.3.1 Problem registering
- Replies: 1
- Views: 8090
Re: CG-OS-EH-1.3.1 Problem registering
Hi,
If your appliance have been already registered you should select "Already Registered" in the Web GUI (menu option [GENERAL] > [Main Settings] > [Registration & Subscription]). This way you restore its associated unique S/N.
Best Regards,
If your appliance have been already registered you should select "Already Registered" in the Web GUI (menu option [GENERAL] > [Main Settings] > [Registration & Subscription]). This way you restore its associated unique S/N.
Best Regards,