×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

It is possible to bypass proxy server from inside LAN

Unanswered Question
Sep 18th, 2013
User Badges:

Hi ,

     We have a proxy server which is used to provide internet access to LAN clients . I want some clarification regarding ,whether can anyone bypass our proxy server to access internet .

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jatin Katyal Wed, 09/18/2013 - 21:50
User Badges:
  • Cisco Employee,

It depends what kind of deployment you've. If you've explicit forward proxy the disadvantage include a user's ability     to alter an individual client configuration and bypass the proxy.


You can also use a Group Policy Option (GPO) setting to prevent users from changing proxy settings in windows enviornment. If you cannot enforce group policy settings on client machines, this type of configuration can be difficult to maintain for a large user base because of the lack of centralized management.



~BR
Jatin Katyal

**Do rate helpful posts**

Vance Kwan Wed, 09/18/2013 - 23:13
User Badges:
  • Cisco Employee,

Also, many companies deny port 80/443 access to the internet for all IP's except for the WSA's IP address by not granting NAT access for those destinations.  But this can be a problem if you ever needed to bypass some sites for any reason.  You will need to create exceptions for those on the access list used for the NAT service.


-Vance

Actions

This Discussion