I'm trying to setup a Application specific proxy. I have tried everything that I could find via Google search and nothing seems to work. All the proxy servers I have found seem to be centered around web browsers such as IE, and firefox.
I want to redirect internal web traffic (browsing) to an external web server for Web, Virus and Spyware filtering. Those externals proxies are running in 8080 port. I have one ASA firewall and a Cisco 2600 router. I was thinking in doing PBR in the router but in the next hop I can only set one IP, not an IP and a port. So how can I redirect web traffic to an external proxy listening in 8080 port?
I have an ACE4710 with a few basic farms running and it works great however I now need to implement an SSL proxy service for the first time. The requirement is that clients who are already using FQDN's need to be sent to diffent real server IP addresses as each client will have their own VM. All the clients will use the same global IP address with different A records.
As per CISCO QoS document URL, IOS from 12.2(13)T support drop command in policy map. But our CISCO ASR 1013 having IOS of Version 15.2(1)S1 doesn't have drop syntax.How can we drop specific application using QoS in ASR 1013 of IOS version 15.2 and higher?,Can I allow few users for a particular application (like P2P) and drop other users based on users source IP?
is it possible to construct the L7 HTTP class-map expression to match all URLs except one? I have 1 correct url, for example: /correcturl.* and want to redirect requests to all other possible URLs to this one, without the need to list them all in "possitive match" statements.
How would I set up my own anonymous proxy server with my own ip address without having to go on a proxy list site? I don't care how complicated or time consuming it may be, I'm a very fast learner and I do things extremely quickly.
i want to acces the video content of the Dutch television channels, but i am living abroad, they track the ip, see i am not in holland and dont show the content. There are some companies providing a vpn subscription in the Nethderlands for 15 Euro a month and that works perfect, just its a little expensive. Now my hope was to buy a seccond hand vpn router, that i want to put at my parents place in holland, and some how use it in the same way as the vpn service of the company. So using it to connect, and browsing trough this connection to get a Dutch ip.
"How do i setup a proxy correctly using firefox?"I forgot what addon it was that i was trying to use, proxy fox i assume. If there any better firefox proxy addon that i can use i will be happy to use.I want to know the steps to make the proxy work correctly, because i like to be anonymous as possible when using the internet. I don't care about internet speed.
Currently using WCCP with squid for content filtering. One of our sites we connect to needs to see the connection coming from our public IP address, not the proxy server IP. I've created a acl in squid for direct lookup, but the website gets angry with the X-Forwarder-Header squid attaches to each packet. Is there a way in a cisco ASA 5505 to bypass wccp for a specific public ip address or url?
I am facing problem with ACE configuration. I want to redirect 443 traffic to my Proxy Server. But I am not able to do this. I want to redirect only subnet 192.168.80.0/24..Then only it is working but I dont have to have this policy to be applied on all the users only one subnet I want to have under HTTPS policy.
how can I apply the policy only on specific subnet so that port 443 traffic can be redirect and rest of all subnets can go direclty to Internet.
I want to setup a proxy server and also to create a group policy on proxy that will take effect on two ou's of staff and executives (150 plus pcs) on the executives ou I want the gpo to be only be effective when dey re in the office and non effective when they are outside the office and which to use their own personal internet modem.
I Changed my old firewall by an ASA5510, since that change my internet connexion is slower.Some websites takes longer to display.I would like to know if there are some specific configuration about TCP connection or DNS to setup?
I just configured the ISP DNS :
Dns server-group DefaultDNSname-server 220.127.116.11 name-server 18.104.22.168
Trying to get a service setup with a third party to access our system (ERP web service to access our ERP data, making data available to customers and vendors via internet). They require that I setup four external IP addresses to have access through the firewall. I haven't figured out how to do this. I'm using a Linksys WRV200 router.
I would like to connect devices to my network so that their traffic passes through a proxy running on my computer. I figured the best way to do this is by setting the proxy on my router to the one I am running, but then I would need to have another connection to the computer running the proxy or else there would be an infinite loop ?? something like that. so:
Internet -> router (1) -> my proxy on comp A -> router (2) -> computer B
I access the internet from my company�s LAN, which has a restrictive firewall, so I cannot request the admin to open any ports manually for me. Hence I use a software called your-freedom. This proxy software supports both http as well as socks 4 and 5 proxy (by entering the proxy IP 127.0.0.1 (localhost) and Port 8080 for http proxy OR 1080 for Socks Proxy), and I have successfully been using web browsers and some other softwares that support proxy/ allow proxy info to be entered to login/ connect to the internet. Your-Freedom also supports port forwarding.However, the softwares I intend to use do not have any options to enter proxy methods or proxy ports (as far as I have noticed). I have tried to proxify these 2 softwares using softwares such as SocksCap and Free Cap, but either they don�t work, or my settings in proxifying are not correct. I believe I will have to do port forwarding or proxify the softwares, but have been unable to do so in the correct manner.
Following is the info on the 2 softwares:
1.NOW Trading terminal:[FONT=Times New Roman]Normally when I start the NOW or Zerodha software, the software starts and I get a login screen, but under firewall conditions, I get the initial Splash screen but then the software stops with the error: [b][u]NOW Initialisation failed for Interactive Engine << os error>>.
2.PowerIndia Bulls:The software is written in Java and starts with a batch file (PowerIndiabulls.bat) located in C:UsersDEFAULT_USERNAMEAppD..... I converted this batch file to .exe (with battoexe software) and then ran it through a proxifying software. The .exe start properly without proxifying software but not under proxifying environment. Basically the software needs to connect to the internet using Port 443. I am also expected to keep ports 443, 41599 and 59598 open. software's requirement is available at Indiabulls Securities: Indiabulls Securities is a leading capital market company offering securities broking and advisory services, depository services, equity research services to its clients in India. (item no. 5).To confirm, while the software is unable to connect through port 443, you will get an error message: "Connection to Login Server could not be established" when you try to login with any random Username and Password.To know that the software is able to connect properly, you will get an error: "This User ID is not enabled to be used with this product".
I have installed anm 4.3 and is trying to setup monitoring my css11506. I have added the device and on the monitoring-setting-polling status, said the polling configuration is enabled, but the polling status time out.
The css11506 snmp configure as: snmp trap-type enterprise snmp cmmunity xxxxx read-only snmp name "anm v4.3" [code]...
I need to setup new ACE 4710 device , after referring to "Establishing a Console Connection on the ACE" i had managed to set up initial console connection. During installtion i had configured vlan (default vlan 1000) , interface ip adess& subnet mask.
Post initial config i understand i should be able to open' Device Manager GUI Login Window' but it is not opening.I also need inputs on setting 4710 for the telnet connection
Is it possible to enable an absolute value rate limit using QOS on a HP ProCurve 5406 switch for a particular IP range on a specific port? Is there a way to configure our HP 5406 with an absolute rate limit on "WAN" port for that server's IP range? I would like to limit it to only being capable of sending 1Mbps worth of traffic over the head end at once.Everything in the documentation points towards priority queues, which as far as I can tell, isn't really what I want.Baring accomplishing this goal using rate limiting is there a better way to prevent our services from accidentally saturating this connection?i thimkong about somthing like that:
class ipv4 rate-limit-port-A1 match ip 10.136.0.0/16 any exit policy qos port-a1-ratelimit class servers-to-be-slowed action rate-limit kbps 1000 exit interface A1 service-policy port-a1-ratelimit inI'm not sure about this.
I use a router RV082 with load balancing. My problem is when I try to access a specific site, I get the error message that my IP address changes and I can not use 2 ip address. I want to specify an ip range to always use the same WAN port.
I have setup load-balancing on an ACE 4710 for HTTP for Sharepoint 2010. The Server Admin says that the IIS server will recognize the right site by DNS name. Problem is I have no clue how to make sure the servers get the DNS name passed to them. They says this is for a multi-homing setup so that we can run multiple sites using the same VIP to the same Serverfarm. How do I do this? I keep getting the IIS splash page since the real server cannot determine the IIS site that I am supposed to access.
This is how it looks in the configuration:
class-map type http loadbalance match-any WWW.SITENAME.COM:80_STATIC_NOT_COMPRESSABLE 10 match http url .*.xico class-map type http loadbalance match-any WWW.SITENAME.COM:80_STATIC_COMPRESSABLE 10 match http url .*.xjs 20 match http url .*.xcss class-map type http loadbalance match-any WWW.SITENAME.COM:80_DEFAULT 10 match http url .*
Questions are: Why do I see things being compressed when there is only being accounted hits in a compression:off class ?Why does enabling compression in one class (never being hit) cause hits in other clases to be compressed ?
we would like to setup FTP server over CSS where our member sever use non-std-port to open both control/data channel (i.e. 6370 as ctrl and 6369 as data this case.) but seems we only get Passive mode FTP mode work only but not for Active mode FTP case for data channel establishement for server back to client..
# sh ver Version: sg0820501 (08.20.5.01) Flash (Locked): 08.10.1.06 Flash (Operational): 08.20.5.01 Type: PRIMARY Licensed Cmd Set(s): Standard Feature Set
Need assistance understanding how in ASDM/Configuration/Site-to-Site VPN/Connection Profiles/ "Any Entry" I can specify that I only want to offer an IKE Proposal of pre-share-aes-256-sha?
The IKE Proposal field has a number of possible options including: pre-share-aes-256-md5, pre-share-3des-md5, pre-share-aes-256-sha, pre-share-aes-192-sha, pre-share-3des-md5, pre-share-aes-sha and pre-share-3des-sha.
I am able to pick a specific IPSec Proposal w/o issue but when I attempt to do the same for the IKE Proposal, and click OK the choice does not "stick" but rather returns to the entire list as defined above.