Proxied-Http - Watchguard Firebox X1000 Reference Manual
Vpn gateway
Hide thumbs
Also See for Firebox X1000:
- User manual (314 pages) ,
- Quick start manual (38 pages) ,
- Hardware manual (30 pages)
Table of Contents
Advertisement
CHAPTER 4: Types of Services
you must explicitly enable (by adding service icons) any outgoing services
you intend to use. If you do not, outgoing TCP connections won't work
properly.
Characteristics
•
•
•
•
Common Scenarios
Proxied-HTTP
Proxied-HTTP combines configuration options for HTTP on port 80 with
a rule allowing all outgoing TCP connections by default. Using the
Proxied-HTTP rule ensures that all outgoing HTTP traffic, regardless of
port, will be proxied according to the HTTP proxy rules.
WatchGuard recommends that you allow incoming HTTP only to any
public HTTP servers maintained behind the Firebox. External hosts can be
66
Protocol: TCP
Server Port(s): 80 (although servers can be run on any port, a common
alternative is 8080, and Secure Socket Layer (SSL) connections are
generally served on port 443)
Client Port(s): greater than 1023
RFC: 1945
Scenario 1
Description
"Public" HTTP server on the optional network.
Icons in the Services Arena
An HTTP icon, with Incoming From Any to the HTTP server.
Scenario 2
Description
"Public" HTTP server on the trusted network.
Icons in the Services Arena
Even with dynamic NAT, the HTTP server must have a "public"
address. Configuration is exactly the same as in Scenario 1.
WatchGuard Firebox System
Hide quick links:
Advertisement
Table of Contents
