Disclaimer

The content of this material are challenges faced onsite and how I personally resolved them. Please be noted that solutions posted here

1> should not be considered as ultimate. The material may be considered for reference only.

2> should not be considered as guarantee that solutions may work. Contact Cyberoam support before making any changes.

3> blog does NOT belong to the Cyberoam. It's a blog...a personal blog.

Changes done after referring this site may seriously damage the network. So...

........DO CHANGES AT YOUR OWN RISK

(please contact cyberoamsupport before implementing any changes)

Sunday, 11 December 2011

How to deploy CR as single arm proxy Deployment 3

To deploy the CR as single arm proxy it pretty straight forward.

When to deploy CR in Single arm proxy:
1> Customer is really not ready to make any changes in the network
2> Customer wants to replace existing proxy
3> Customer has to use the CR IP as the direct proxy in their users browser.

Scenario:
(Scenario may vary but this would be a simple scenario)

Router-->FW(192.168.1.1)--->switch--->users
                                            |  
                                         CR(Port A-192.168.1.xxx)(Port B-Dummy IP address)(CR GW any dummy)

Deployment Mode of Cyberoam: Gateway


Steps:

1> deploy the Cyberoam in gateway mode with any dummy WAN IP address(Port B)
2> You need to connect the LAN interface (port A) to the switch so choose an IP within lan range or use existing proxy ip address once you replace it
3> Most important is in creating the static route from the GUI (Network -->static routes)
       destination network : 0.0.0.0/0.0.0.0   gateway   FW lan Ip address

The route is most import:
1> the traffic from the browser will be received by the Cyberoam on port A.
2> Because of the static route it wil be retuned to the FW gateway once it does all the scanning and other stuff.


Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)