Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
268
Views
0
Helpful
1
Replies

PIX as full web proxy server? Can it be done?

0r8it
Level 1
Level 1

‎06-22-2006 04:06 AM - edited ‎02-21-2020 12:59 AM

Hi all,

I'm probably going to log a TAC call for this, but on the off chance that anyone knows...

I'm swapping out a Checkpoint unit for a 515E. The Checkpoint acts as the proxy server for web access for all of our users. If a user wants to see, for example, www.bbc.co.uk, Checkpoint knows how to go off and fetch external dns for this record, and then goes off and returns the page (if available, obviously).

But, is it possible to something like this on the PIX? I know it will operate as a local/radius/tacacs+ http authenticator in cut-through proxy mode, but will it also fetch dns?

Any thoughts?

regards,

Gary

0 Helpful
1 Reply 1

grant.maynard
Level 4
Level 4

‎06-22-2006 06:35 AM

PIX will not act as DNS server, proxy server or web cache. I didn't know CheckPoint did that either - surely something else on the same box was doing that.

PIX will allow this traffic through, you could do user auth on the PIX, PIX will do NAT, and you could use an external URL filter such as WebSense or N2H2.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card