Kerio Tech KERIO WINROUTE FIREWALL 6 User Manual

Page 123

Advertising
background image

8.4 Proxy server

123

Enable non-transparent proxy server

This option enables the HTTP proxy server in WinRoute on the port inserted in the Port

entry (3128 port is set by the default).

Warning

If you use a port number that is already used by another service or application, WinRoute

will accept this port, however, the proxy server will not be able to run and the following

report will be logged into the Error log (refer to chapter

22.8

):

failed to bind to port 3128:

another application is using this port

If you are not sure that the port you intend to use is free, click on the Apply button and

check the Error log (check whether the report has or has not been logged) immediately.

Enable connection to any TCP port

This security option enables to allow or block so called tunneling of other application

protocols (than HTTP, HTTPS and FTP) via the proxy server.

If this option is disabled, the proxy server allows to establish connection only to the

standard HTTPS port 443) — it is supposed that secured web pages are being opened. If

the option is enabled, the proxy server can establish connection to any port. It can be

a non-standard HTTPS port or tunneling of another application protocol.

Note: This option does not affect the non-secured traffic performed by HTTP and/or FTP.

In WinRoute, HTTP traffic is controlled by a protocol inspectors which allows only valid

HTTP and FTP queries.

Forward to parent proxy server

Tick this option for WinRoute to forward all queries to the parent proxy server which will

be specified by the following data:

Server — DNS name or IP address of parent proxy server and the port on which

the server is running (3128 port is used by the default).

Parent proxy server requires authentication — enable this option if authentication

by username and password is required by the parent proxy server. Specify the

Username and Password login data.

Note: The name and password for authentication to the parent proxy server is

sent with each HTTP request. Only Basic authentication is supported.

The Forward to parent proxy server option specifies how WinRoute will connect to the

Internet (for update checks, downloads of McAfee updates and for connecting to the

online Kerio Web Filter databases).

Set automatic proxy configuration script to

If a proxy server is used, Web browsers on client hosts must be configured correctly. Most

common web browsers (e.g. Internet Explorer, Firefox/SeaMonkey, Opera, etc.) enable

automatic configuration of corresponding parameters by using a script downloaded from

a corresponding website specified by URL.

In the case of WinRoute’s proxy server, the configuration script is saved at

http://192.168.1.1:3128/pac/proxy.pac,

Advertising
Popular Brands
Popular manuals