How to configure Juniper SSG140 deny port 80&443 except Squid proxy !!!

ducloiag · 12-22-2010, 10:23 PM

Hello all,
I have just installed Squid proxy. i also use WPAD to deploy policies for all client. Both works well together.
Now i want to configure firewall Juniper SSG140 will be deny all request from client to access internet and redirect to Squid. I mean deny HTTP & HTTPS except Squid (port 3128), even i want to all access to internet have to through Squid proxy.
I don't expert about the firewall Juniper. May i know step by step configure it.
Please adv to me.

http://img256.imageshack.us/img256/8931/jssg140.jpg

Thanks & Best Regards.

acid_kewpie · 12-23-2010, 02:54 PM

you should check out the screenos manual, but essentially just create a rule to permit those ports to the proxy IP and then let everything else fall through to a default deny at the bottom of the firewall list. We really can't just outright teach you how to use a juniper firewall on a forum, that's what your standard documentation is for. Just ensure that it is going from, and to, the right zones relative to your environment.

ducloiag · 12-24-2010, 12:39 AM

May i know these steps configure. Because i have not found on the CD Document attached.

acid_kewpie · 12-24-2010, 01:01 AM

Just look for the screenos docs, it's directly linked on the ui. this is about the most mundane and trivial thing to do on an ssg box, and also requires just about no specific knowledge of tte ssg itself, it works very similar to just about any other list based firewall.

ducloiag · 12-24-2010, 01:58 AM

I found good topic but almost the body not exist, like this
http://kb.juniper.net/InfoCenter/ind...=1293177066739

acid_kewpie · 12-24-2010, 02:44 AM

The body? What does that mean? Obviously being the juniper kb you need to log in to see it.

ducloiag · 02-21-2011, 01:16 AM

I mean that link had die.