Proxy

Setting up a direct connection to the proxy server.


Proxy Server for Web Traffic

You do not need to explicitly specify the proxy settings on the LAN hosts. Specifying UTM as the default gateway for devices on the network is sufficient.

By default, caching of traffic to disk is disabled, but it is carried out in the server RAM. You can enable caching of web traffic to disk in Services -> Proxy, but we do not recommend doing this because of excessive load on the disk subsystem. As a rule, caching to RAM is sufficient.

Direct connections to the proxy server can be configured by checking the corresponding box in the section Services -> Proxy and specifying the IP address and port on the UTM side. Then these details should be specified on those LAN network devices whose web traffic needs to be passed through a proxy.

To configure HTTPS traffic filtering, you need to add a root UTM certificate to users' computers. Read more in the article on Setting up HTTPS filtering.

Below is a screenshot of the General tab in the Proxy section.
1. Proxy Server.png


Role of Proxy Server in the Operation of SafeUTM Gateway

The proxy server, in addition to proxying web traffic, plays the role of a master service for several services related to processing, monitoring, and accounting for user web traffic on the gateway, namely:


Direct Connections to Proxy Server

This mode is used when SafeUTM is not the default gateway for network clients.

Setting up the mode

In this mode, UTM will be able to provide hosts with web content and traffic on other ports (by default on all, if necessary, you can close the ports with a firewall), in case of necessity performing accounting (quotas), monitoring and checking web traffic for viruses, content and malicious content if the following conditions are met:

If it is not possible to specify a proxy server in the program settings for Windows or Mac OS X, then you can use third-party software to route all workstation traffic to the proxy server. For example, Proxifier provides such an opportunity. For more information on how to configure Proxifier for direct connections to the proxy server, see an article by following the link.


Exclusion of Resources from Proxy Server Processing

On the Exceptions tab, it is possible to exclude resources from processing by the proxy server and all related services (content filter, web reporting, antiviruses).

We strongly discourage you from excluding the ENTIRE LAN from proxy server processing.

When connecting directly to a proxy server, traffic cannot be excluded from proxy processing. You need to exclude traffic in the proxy server settings on the device (in the web browser or the proxy server system settings).


Revision #6
Created 27 August 2022 13:05:16 by Val Redman
Updated 13 October 2022 15:24:12 by Val Redman