Configuring the web proxy

Prerequisite

  • On your users’ devices, configure the web browser to use port 800 on the Smoothwall Filter as the web proxy, that is, a nontransparent proxy.

Procedure

  1. On the WEB PROXY menu, under the Web proxy submenu, click Settings.
  2. To deploy the web proxy, under the Global option section, for Guardian, select "Enable".
  3. To configure the web proxy, under the Available proxy settings section, click Advanced ».
    1. Under the Web filter options section:
      1. For the File upload policy, select if you want to "Allow unlimited uploads", "Block all uploads" or "Restrict upload size to" a certain number of Kbytes.
      2. Enable each of the options if you want:
        • Block advanced proxy bypass attempts.
        • Resume interrupted NTLM connections.
        • Resolve single component host names.
        • Server persistent connections.
        • Via headers.
        • Honor incoming X-Forwarded-For. - To take the client IP address from the X-Forwarded-For header, inserted by downstream proxy or load balancer.
      3. If you want access to servers running on non-standard ports, enter them and to add them to the list on your keyboard press Return.
    2. Under the Logging options section:
      1. Select if you want to Enable Proxy logging.
      2. Enter an Organization name and from the Filtering logging mode list, select a mode.
      3. Select if you want to log Client hostnames, Client user-agents, Advert blocks and Local accesses.
    3. Under the Cache options section:
      1. Enter the Global cache size for disk space that you want to allocate for caching web content.
      2. Enter the Max and min object size that can be stored in the cache.
      3. Enter the Max object size that can pass in and out of the proxy.
      4. In the Do not cache these domains, enter the domains that should be excluded from the web cache.
    4. Under the Internet Cache Protocol (ICP) section:
      •  If you want to allow ICP compatible proxies to query the Smoothwall Filter cache, for the ICP server select the Enable option.
        • Enter the ICP server IP addresses of other ICP-enabled proxies on the LAN that the Smoothwall Filter should query, and press Enter on your keyboard to add it to the list.
    5. Under the Load balancing section:
      • If your Smoothwall solution makes use of a load balancer, enter the virtual IP address to add it to the list and on your keyboard press Return.
  4. To save your changes, click Save.
  5. To restart the web proxy, click Save and restart or Save and restart with cleared cache.

Tip: Always perform a proxy service restart to make sure that changes are reflected correctly in the proxy server configuration.

Follow-up Task

  • Test that on a user’s device, when you go to http://thepiratebay.se/, that the Smoothwall blocks access to the site and displays a block page.

You can edit the default policies and create new policies to suit your organization.