Branch office users internet access through Head Office proxy server

Lavanholy · ‎01-20-2009

Hi,

Please kindly look into the attached file,and suggest me how to achieve the internet access for the Branch users through the head office proxy server,using ASA 5510 firewall at Head Office and TZ-170 Sonicwall at Branch office,for your information Head office and Branch office are connected through the MPLS cloud.

Please suggest me the solution.

Best Regards,

Lavanholy

Jithesh K Joy · ‎01-20-2009

Hi

The following are the step wise tasks for this requirement. I am happy to help you with the configuration part also.(I would like to suggest you to use a Private Range IP in the Branch Office instead of 192.100.1.0/24. range)

1) First you can set up a IPSEC tunnel between your ASA5510(192.168.100.2) and the TZ-170 Sonic Wall(192.168.200.2)

2) Permit the traffic ' tcp 192.100.1.0 255.255.255.0 host 192.168.20.125 eq (proxy_portno) ' from the Sonic Wall inside interface

3) In the ASA , permit the traffic tcp host 192.168.20.125 192.100.1.0 255.255.255.0 eq 80/8080/443 in the inside interface of the ASA

4) Pemit/configure your Head office Proxy for Branch office 192.100.1.0/24 to have internet access through it.

5) Configure Banch office Users Internet Browsers with the Head office Proxy IP(192.168.20.125) and Port

IE-->Tools-->Internet Oprions -->Connections -->LAN settings

Regards

Jithesh

Jithesh K Joy · ‎01-22-2009

Hi

coold you please post if your requirement needs more input in configuration part ?

Regards

Jithesh