Branch office users internet access through Head Office proxy server
Please kindly look into the attached file,and suggest me how to achieve the internet access for the Branch users through the head office proxy server,using ASA 5510 firewall at Head Office and TZ-170 Sonicwall at Branch office,for your information Head office and Branch office are connected through the MPLS cloud.
Re: Branch office users internet access through Head Office prox
The following are the step wise tasks for this requirement. I am happy to help you with the configuration part also.(I would like to suggest you to use a Private Range IP in the Branch Office instead of 188.8.131.52/24. range)
1) First you can set up a IPSEC tunnel between your ASA5510(192.168.100.2) and the TZ-170 Sonic Wall(192.168.200.2)
2) Permit the traffic ' tcp 184.108.40.206 255.255.255.0 host 192.168.20.125 eq (proxy_portno) ' from the Sonic Wall inside interface
3) In the ASA , permit the traffic tcp host 192.168.20.125 220.127.116.11 255.255.255.0 eq 80/8080/443 in the inside interface of the ASA
4) Pemit/configure your Head office Proxy for Branch office 18.104.22.168/24 to have internet access through it.
5) Configure Banch office Users Internet Browsers with the Head office Proxy IP(192.168.20.125) and Port
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...