I think you can use the http mapped service of this,
-GS
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of
cisco4ng
Sent: Friday, December 29, 2006 6:51 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Checkpoint and Microsoft ISA Server 2004 transparent
proxying
A customer asked me this but I don't know the answer to this. Can
someone
help?
hostA------------------------------------
|
Local LAN_X |-----CheckpointNGx----Internet
|
Microsoft Proxy Server hostB---|
HostA wants to browse the Internet via the browser. HostA default
gateway is the CheckpointNGx internal interface. CheckpointNGx is
doing either "hide" or static NAT for localLAN_X.
I would like to configure the Checkpoint firewall so that when
hostA initiates a connection via the browser to the Internet, it will
go to the CP firewall first. CP firewall will then re-direct
that connection to the Proxy Server hostB. I would like to be
able to do this without manually reconfiguring the "Internet
setting" on hostA browser. This is called transparent proxying.
In other words, hostA is being redirect to the proxy server hostB
without knowing anything about it. The Proxy Server hostB will
do the Web Proxy http/https connection for hostA.
Can it be done with Checkpoint? If so, how? Thanks. I can not
change the flow of the traffics or the design. this is what the
customer wants. My job is to implement it.
cisco4ng
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
