Web Proxy behind PAN firewall and application recognition

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Web Proxy behind PAN firewall and application recognition

Not applicable

I know this question has been asked in other posts but I figured I would give it another try. I would like the PAN to sit between my users and my web proxy *and* for the applications to be recognized instead of just reported as proxy traffic. Is there any setting to force the PANOS to do this?

16 REPLIES 16

1) I was talking about that when the packet leaves your Proxy (towards internet) the srcip will be the clientip (instead of the ip of the physical interface).

Like so, before proxy:

srcip: <clientip>

dstip: <proxyip_insideinterface>

after proxy:

srcip: <clientip>

dstip: <webserverip>

I will check if squid can do the "keepsource=yes" feature and get back, otherwise there are other proxies which can do this.

2) Yes, you can specify which interface to use in Device -> Setup -> Services and then Service route configuration to define which mgmt-services should use the mgmt-interface and which should use one of the dataplane-interfaces.

Edit:

I found some info on how to do this with squid:

http://wiki.squid-cache.org/Features/Tproxy4

http://wiki.squid-cache.org/ConfigExamples/Intercept/CentOsTproxy4

http://wiki.squid-cache.org/ConfigExamples/FullyTransparentWithTPROXY

http://www.squid-cache.org/mail-archive/squid-users/200705/0443.html

http://www.squid-cache.org/mail-archive/squid-users/200705/0447.html

Some newer info regarding Squid3:

http://www.deckle.co.uk/squid-users-guide/transparent-caching-proxy.html

http://www.lesismore.co.za/squid3.html

The device where I first saw this keepsource=yes feature was in the Farist Firewall http://www.tutus.se/products/farist-firewall.html

Thanks, I am not sure if these solutions are feasible for my real situation though...

It looks like it is acting more likely as "transparent", that is all to me.

  • 10281 Views
  • 16 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!