To redirect web traffic from connected computers, you must configure the proxy settings of the web browser to point to the public IP address of your Smoothwall System. The browser used must also support client-side certificates.
You may not be using a Windows 7 computer. You must refer to your own documentation accompanying the computer for a description of how to set this up accordingly. The following is only relevant for Windows 7 computers.
To redirect web traffic to Secure Global Proxy from a Windows 7 computer, do the following:
|1.||Log into your Windows computer, and open Control Panel.|
|2.||Click Internet Options to open the Internet Properties dialog.|
|3.||Open the Connections tab.|
|4.||From the Local Area Network (LAN) settings panel, click LAN settings.|
|5.||Tick Use a proxy server for your LAN, and configure the following proxy settings:|
|•||Address — Either the external IP address of your Smoothwall System, or hostname if it’s a publicly resolvable domain name.|
|•||Port — The port number to send proxy requests to. This is the port number the Smoothwall System is listening on for NTLM authentication requests; see Configuring an NTLM Authentication Policy.|
|6.||Ensure Bypass proxy server for local addresses is ticked.|
Note: If the connecting Windows machine is outside the Active Directory domain configured on the Smoothwall System, users will be required to provide NTLM authentication credentials when they first open the browser. These credentials must match the ones configured on the Smoothwall System. However, you may notice a performance hit when browsing. This is because Windows will respond to every
407:Proxy authentication required request from Secure Global Proxy with the local Windows credentials first before using the NTLM credentials provided. For optimal performance, the computer should be a member of the Active Directory domain that the Smoothwall System uses for authentication.
If Secure Global Proxy has been configured to use client certificates, you must install the certificate onto the Windows 7 computer.
You do this as follows:
|1.||Download the Secure Global Proxy certificate (
|2.||Open Control Panel.|
|3.||Click Internet Options to open the Internet Properties dialog.|
|4.||Open the Content tab.|
|5.||From the Certificates panel, click Certificates.|
|6.||From the Intended purpose drop down list, select <All>.|
|7.||Click Import to start the Certificate Import Wizard. Click Next.|
|8.||Locate and open the certificate downloaded from your Smoothwall System. Click Next.|
|9.||Leave the certificate in the Personal certificate store. Click Next.|
|10.||The default client certificate downloaded from your Smoothwall System has a blank password. If the certificate has been manually manipulated to have a password, you will be prompted to enter it now.|
Confirm your changes, and click Finish to load the certificate.
|11.||You must add a proxy exception for the external address of your Smoothwall System to the proxy server details configured in Example Configuration for Windows 7 Computers.|
|12.||Set the home page of your chosen browser to point to:|
to force certificate validation every time a browsing session is started.
The Windows 7 computer will use the certificate as an additional layer of security.
Note: Some browsers, such as Mozilla Firefox®, do not use the central proxy configuration on Windows computers, and must be configured separately. For a detailed description of how to set this up, refer to the browsers’ own documentation.