Recommended MWG Deployment for unmanaged and managed device
I would like to seek your recommendation on the type of deployment to be used and the ideal placement of the MWG on the attached file. Client requirement is access ontrol and filtering using a dedicated web gateway.
Re: Recommended MWG Deployment for unmanaged and managed device
this would be a question for your firewall supporter.
Lets assume all ISPs are directly associated to your firewall. Your internal net is 192.168.1.1/24, and the DMZ which contains the MWG is 192.168.2.1/24. The Firewalls gateway IP on the DMZ is 192.168.2.1, the MWG has 192.168.2.250
Basically the MWG acts as a Proxy listening by default on Port 9090 on 192.168.2.250. So you have to configure the use of a proxy on 192.168.2.250:9090 for the internal clients.
Based on the MWGs Ruleset, it forwards the request to the firewall (= Default GW =192.168.2.1) that routes it to the internet.
So it is up to Your firewall to decide which ISP to use for this connection. If your firewall is capable of policy based routing, you may establish a rule to use a certain ISP for the Webgateway.
Best regards Marcus
P.S.: If you find this post helpful, thank You for giving it a Kudo :o)
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.