Non-Transparent

Discuss and get help configuring CacheGuard to protect Web end-users
User avatar
FortifyIT
Posts: 21
Joined: 10 Apr 2018 19:07
Contact:

Non-Transparent

Post by FortifyIT » 30 Apr 2018 19:55

Hey

do we just turn off Transparent Mode to put it into regular proxy mode (i.e. setting browsers to go to whatever IP/DNS name for the proxy)?

Testing CG in Transparent mode now but want to set it up in Non-Transparent mode to test at client sites so we can then go live with this to provide secure browsing for our clients.

THanks
Mike

User avatar
charles
Site Admin
Posts: 41
Joined: 06 Nov 2014 16:23
Location: Paris
Contact:

Re: Non-Transparent

Post by charles » 02 May 2018 20:57

Hi,

When the forwarding proxy mode is activated (command mode web on), the non-transparent (or explicit) Web proxy mode is always enabled (and can't be deactivated). To deactivate the explicit forwarding proxy, you should deactivate the forwarding proxy mode (command mode web off)

Best Regards,
Charles Tajvidi
IT Technical Architect
http://www.cacheguard.com

User avatar
FortifyIT
Posts: 21
Joined: 10 Apr 2018 19:07
Contact:

Re: Non-Transparent

Post by FortifyIT » 21 Mar 2019 22:01

Hi

I want to put CG into a colo datacenter with a static IP so I can point my clients to it to be used as a web proxy.

How would I go about setting up the NIC's? Would I only need to worry about setting the External NIC?

Thanks
Mike

User avatar
david
Posts: 157
Joined: 08 Aug 2015 20:38

Re: Non-Transparent

Post by david » 22 Mar 2019 22:43

Hi,

CacheGuard can only be implemented in a two arms configuration (with two IP addresses: one for the external and one for the internal). In your case ,you will need 2 public IP addresses in two distinct networks.

If having two public IP addresses is not an option, you should place your CacheGuard behind a firewall with NAT capabilities and implement the architecture represented in the attached diagram.

Best Regards,
Attachments
RemoteCGAsService.jpeg
RemoteCGAsService.jpeg (72.94 KiB) Viewed 445 times
David Jan
CacheGuard Technical Team
https://www.cacheguard.com

User avatar
FortifyIT
Posts: 21
Joined: 10 Apr 2018 19:07
Contact:

Re: Non-Transparent

Post by FortifyIT » 28 Mar 2019 18:16

Got it. I will do the Firewall option, that's what I was thinking I would have to do with only one Public IP. Thanks for confirming and clarifying.

WOrking on building a server up now so i can test things out.

Thanks
Mike

User avatar
david
Posts: 157
Joined: 08 Aug 2015 20:38

Re: Non-Transparent

Post by david » 28 Mar 2019 20:52

Hi,

You are very welcome!
If you need any further information, please do not hesitate to contact us on this forum.

Best Regards,
David Jan
CacheGuard Technical Team
https://www.cacheguard.com

User avatar
FortifyIT
Posts: 21
Joined: 10 Apr 2018 19:07
Contact:

Re: Non-Transparent

Post by FortifyIT » 11 Apr 2019 12:16

Hey David

the Two IP option, I'll talk to the CoLo and see if I can get two IP's. So basically with two IP mode, Internal gets one and the External gets the other IP and that's all that would have to be done?

User avatar
david
Posts: 157
Joined: 08 Aug 2015 20:38

Re: Non-Transparent

Post by david » 15 Apr 2019 21:27

Hi,

Yes, provided that the two IP addresses are not in the same subnet.

Best Regards,
David Jan
CacheGuard Technical Team
https://www.cacheguard.com

User avatar
FortifyIT
Posts: 21
Joined: 10 Apr 2018 19:07
Contact:

Re: Non-Transparent

Post by FortifyIT » 16 Apr 2019 12:43

Ok Great. Thanks David. Just wanted to verify that.

I'll get with my Colo and see what they can do. I tried studying your picture and I was getting confused. I'm not the greatest networker.

Thanks
Mike

User avatar
FortifyIT
Posts: 21
Joined: 10 Apr 2018 19:07
Contact:

Re: Non-Transparent

Post by FortifyIT » 03 May 2019 16:13

Hi David


Ok I need some help. I have the server in the COLO with two public IP's. I can get to the interface over the External IP side but I can't get to it from the Internal IP side. Setting the Proxy up just kills my browsing.

I'm clearly doing something wrong or have something set wrong.

Could you help? Could you log in? if so PM me and i can give you the information

Post Reply