Why can't I block connections from clients with the outgoing firewall which pass a proxy?

Email to friend

Add comment

Votes: 0

Comments: 0

Posted: 08 Feb, 2007
by: Warasin P.

Updated: 08 Feb, 2007
by: Warasin P.

If a proxy will be used for a certain service (HTTP, POP, SMTP, DNS, ...) firewall rules in the ougoing firewall will take no effect, because of the very proper nature how proxies do work.

Connections from a client will be intercepted by the proxy on Endian Firewall (transparent mode) or go directly to the firewall, but never go through the firewall. The proxy then starts a new connection to the real destination, gets the data and sends it to the client. Those connections always start from the Firewall and not from the client, which hides the clients internal ip address. Such connections never go through the outgoing firewall, since in fact they are local connections.

You can use the network based access control of the respective proxy (if implemented) to block connections of certain clients.

Others in this Category

	Why is port 113 open by default?
	Pressing F5 does not refresh a stale webpage
	Is there a way to stop sending mail to the user when POP3 Proxy has marked the email as Spam?
	Proxy analysis report and Log summary gives me no reports but an error message?
	When i download a large file over http proxy the transfer stop and the file don't full download.
	I have problems when I connect multiple zones on the same switch. How to solve this?
	Endian Firewall boots from my daily backup USB stick / from my UMTS modem USB stick !?!
	Why is whitelist not working with http proxy authentication / contentfilter / antivirus?