HomeHome ArticlesArticles Most Popular ArticlesMost Popular Articles Most Helpful ArticlesMost Helpful Articles Request New ArticleRequest New Article
RSS Feeds
DrillDown Icon Table of Contents Back
 . . . . . . . . . . . . .
DrillDown Icon Vulnerability Security Advisories
DrillDown Icon Best Practices & Policies
DrillDown Icon Protect Your Cyberoam Appliances from Power Fluctuations
DrillDown Icon Technical Library
DrillDown Icon Compatibility
DrillDown Icon Archives
DrillDown Icon Version 9.x
DrillDown Icon How To
DrillDown Icon Anti Spam
DrillDown Icon Anti Virus
DrillDown Icon Authentication
DrillDown Icon Blocking
DrillDown Icon Clients
DrillDown Icon Content filtering
DrillDown Icon Firewall
DrillDown Icon IPS
DrillDown Icon Logs & Reports
DrillDown Icon SNMP
DrillDown Icon System
DrillDown Icon Configure PPPoE on Cyberoam
DrillDown Icon Connect Cyberoam using SSH (Secure Shell)
DrillDown Icon Lease IP to Wireless Networks placed in DMZ using DHCP
DrillDown Icon How To - Configure Dynamic DNS in Cyberoam
DrillDown Icon Obtain Appliance CPU information
DrillDown Icon Obtain Appliance Memory information
DrillDown Icon Rollback to previous version
DrillDown Icon How do I change the Web Admin Console (GUI) from English to Chinese lanaguage
DrillDown Icon How do I change the Web Admin Console (GUI) from English to Hindi language
DrillDown Icon Configure NTP Time server to synchronize Cyberoam clock
DrillDown Icon Parent Proxy deployment scenarios
DrillDown Icon Cyberoam as a DHCP server
DrillDown Icon Setup Serial Console Connection using HyperTerminal
DrillDown Icon Deploy Cyberoam in Gateway mode
DrillDown Icon Backup and Restore Cyberoam Configuration
DrillDown Icon Upgrade Cyberoam
DrillDown Icon Upgrade Cyberoam in HA
DrillDown Icon Registration
DrillDown Icon User
DrillDown Icon VPN
DrillDown Icon Intimation Regarding US New Daylight Saving Time Support
DrillDown Icon Verify the integrity check of Cyberoam Upgrade file using MD5 checksum
DrillDown Icon Troubleshooting
DrillDown Icon FAQ
DrillDown Icon Tech Notes
DrillDown Icon Visio Stencils for Cyberoam security appliances
DrillDown Icon Product Technical Support
  Subscribe Print PreviewPrint Current Article and All Sub-Articles
 
Parent Proxy deployment scenarios

Applicable to versions: version 9.4.1 build 2

In certain countries it is required that the Internet access be routed through a government-approved proxy server. In this situation, it is necessary that the security appliance routes the user access request through the government-approved proxy server by.

Apart from this, certain proxy servers are used for caching web contents and it is required that the user request is routed through such proxy servers.

In above mentioned cases, it is necessary to configure security appliance as a proxy server. In other words, the security appliance must act as a proxy server for another proxy server.

The Proxy server through which the security appliance routes the user request is called Parent proxy. Alternate popular terms used for parent proxy are Upstream proxy and Forward Proxy.

Above mentioned needs are satisfied by Cyberoam by simply configuring the Parent proxy IP address in Cyberoam.

Parent Proxy Deployment Scenarios

Parent proxy can be deployed in the:

Case 1: Parent proxy deployed in the Internet

When Parent proxy is deployed in the Internet, Cyberoam is to be configured as a proxy server for the LAN users. Cyberoam routes all the outbound requests through parent proxy.
 

Figure 1 - Parent proxy deployed in the Internet

Log on to Web Admin Console, go to System > HTTP Proxy > Configure HTTP Proxy and configure parent proxy IP address and communication port.
 

Case 2: Parent proxy deployed in LAN/DMZ

When Parent proxy is deployed in the LAN or DMZ, Cyberoam is to be configured as a proxy server for the LAN users. Cyberoam routes all the outbound requests through parent proxy.
 
 

Figure 2 - Parent Proxy deployed in DMZ
 
 

Figure 3 - Parent Proxy deployed in LAN

Configuration (when Parent proxy is deployed in LAN)

Log on to Web Admin Console

Step 1. Go to System > HTTP Proxy > Configure HTTP Proxy and configure Upstream proxy IP address and communication port.
 

Step 2. Configure firewall rule

a. Create host for Parent proxy
b. Create LAN to WAN firewall rule for Parent proxy
To prevent routing loop, do not apply Internet access policy (IAP) and HTTP scanning.
 

c. Create LAN to LAN firewall rule
 

If parent proxy is deployed in DMZ, create DMZ to WAN and DMZ to DMZ firewall rule
.
 
 
 

Document version – 1.0-31/08/2008

Attachments
Article ID: 1042