SunScreen 3.1 Administration Guide

HTTP Proxy Service


Note -

User authentication does not apply.


The following information is used in this example:

To Set Up the SunScreen Environment
  1. Disable the HTTP daemon (for example, httpd), if it is running.

  2. Type the following to make sure the backend HTTP Server is accessible:


    ping -s BackendServer
    

  3. Add an entry in the /etc/hosts file, if it is accessible. For example:


    1.2.3.4 BackendServer
    

To Configure the HTTP Proxy Service
  1. Create a new Service for the HTTP proxy service:

    1. Log in to the administration GUI.

    2. On the Policies List page, select the policy and click the Edit... button.

      The Policy Rules page appears.

    3. In the Common Objects section, select Service from the Type choice list.

    4. Click New Single... from the Add New choice list.

      The Service dialog window appears.

    5. Type the name for this new service in the Name field, for example:


      proxy_http
      

    6. Click the Add Filter button and select tcp.

    7. Click the field under Port, and type 80.

    8. Click the OK button.


      Note -

      User authentication does not apply.


  2. Create the Proxy User:

    1. In the Common Objects section, select Proxy User from the Type choice list.

    2. Select New... from the Add New choice list.

      The Proxy User dialog window appears.

    3. Type a name for this Proxy User in the Name field, for example:


      pu1
      

    4. Leave the Authorized User Name field blank.

    5. Leave the Backend User Name blank.

    6. Click the OK button.

  3. Create a Policy Rule:

    1. Click the Add New... button in the Policy Rules area of the Policy Rules page.

      The Rule Definition dialog window appears.

    2. Edit each field as follows by clicking the down arrow to display the choice list.

      • Service: proxy_http

      • Source Address: *

      • Destination Address: *

      • Action: ALLOW

      • PROXY list: PROXY_HTTP

      • Cookies, ActiveX, Java, and SSL: ALLOW/DENY

    3. Click the OK button.

  4. Save the changes:

    1. Click the Verify Policy button.

    2. Click the Save Changes button.

  5. Test the HTTP Proxy service

    From the Client Machine:

    1. Make sure the physical connections are good.

    2. Make sure the client machine can access the SunScreen Proxy Server:


      ping -s qa22-efs-hme1
      

    3. Configure the browser to use the HTTP proxy:

      • HTTP Proxy: qa22-efs-hme1

      • Port: 80

    4. Enter the following url:


      http://gobaby/Sun.Net
      

The screen output appears on the web page.