...
This article describes how the Internet traffic of a mobile worker who establishes a dial-in VPN connection to the company can be scanned by the HTTP Proxy of the Unified Firewall.
Requirements:
- LANCOM R&S® Unified Firewall with LCOS FX as of version 10.4
- LANCOM Advanced VPN Client as of version 4.1
- A configured and functional Internet connection on the Unified Firewall
- Configured and functional HTTP Proxy on the Unified Firewall.
- Web browser for configuring the Unified Firewall.
The following browsers are supported:- Google Chrome
- Chromium
- Mozilla Firefox
...
- A mobile worker establishes an IKEv2 connection with the Advanced VPN Client to the company.
- For the Internet traffic of the mobile worker to be encrypted it is routed via the VPN connection to the Unified Firewall.
- The Internet traffic of the mobile worker is to be scanned by the HTTP Proxy of the Unified Firewall.
...
1.1) Open the configuration of the Unified Firewall in a browser and set up an IKEv2 connection for the Advanced VPN Client.
1.2) In step 1.5 for Local Networks enter the address 0.0.0.0/0 instead of the local network. This address represents any network and thus makes it possible for the entire data traffic to be routed via the VPN connection.
...
Export the HTTP proxy certificate and import it into the computer with the Advanced VPN client. The procedure is explained in step 3 in this Knowledge Base article.
4) Configuring additional UTM functions (optional):
Additional UTM functions, which require the HTTP proxy can now be configured.
- LANCOM R&S®Unified Firewall: Configuring the antivirus feature
- LANCOM R&S®Unified Firewall: Configuring the URL/Content Filter