WinGate Forums

[archer_tx]

Hello,

I have an environment that includes a mix of desktop and laptop clients. The laptops obviously come into and out of the LAN environment. And of course there are many smart phones and tablets. Our Firewall\Gateway is a Cisco ASA 5510. We are running Active Directory and Windows DHCP and DNS. The main purpose of WinGate is to monitor and control access to the Web.

I don't want to set a group policy for the laptops as there will be issues when they leave the LAN.

Will setting a DNS forwarder address to the WinGate Proxy address be enough to force the clients to use Wingate as the Proxy? After this works my plan is to configure the ASA to only allow HTTP traffic to the WinGate Proxy.

Thanks,

Archer

[adrien]

Hi

in short setting DNS to WinGate won't get external clients to use WinGate as a proxy.

You could do some hacking, get WinGate to always return its own IP for all lookups, so that external clients connect to WinGate, then set the WWW proxy to relay based on host header, but there will be a raft of problems with this approach as well, especially when it comes to other client software connecting to other services on other ports.

The only way we can really recommend using a proxy from the Internet is to explicitly set the device to use the proxy in the proxy settings.

Regards

Adrien