The GateManager Web Proxy Relay functionality allows clients on the Device networks to use this SiteManager as a Web Proxy, by forwarding all requests to a remote Web Proxy, and optionally handle HTTP CONNECT by connecting directly to a specified remote server via the GateManager.
It works like an automatic Server Relay, without the need to configure a local address for a specific remote server address. This may be used with legacy devices that already include the ability to connect via a Web Proxy to the Internet. If you also specify a remote web proxy, any type of HTTP request (except CONNECT) will be forwarded to that remote proxy, allowing you to browse the Internet through the GateManager connection.
On SiteManager hardware units, the web proxy supports both DHCP and DNS-based web proxy auto-discovery (WPAD).
- Web Proxy Relay
This is where you enable and disable the Web Proxy Relay functionality. By default it is enabled on hardware platforms and disabled on software platforms.
For proper operation, you must configure at least one of the Remote Web Proxy and Connect Forwardingparameters.
- Auto-Discovery Modes
This is where you enable and disable the Web Proxy Auto-Discovery (WPAD) functionality.
The default setting (on hardware based SiteManagers) is to enable DHCP-based WPAD used by programs like Internet Explorer and Skype.
If you use programs (e.g. Firefox) that only support the DNS-based WPAD method, you can change this setting to enable both DHCP and DNS-based WPAD.
Note: You must enable the DHCP server (and DNS proxy) on the relevant interfaces for auto-discovery to work.
- Local Port
The local port (default 8080) on this SiteManager where the Web Proxy listens for requests.
Note that if you enable DNS-based WPAD, the Web Proxy Relay will also listen on port 80 in addition to the port configured here.
Note also that if you set the local port to 80, you also automatically enable DNS-based WPAD if you have enabled only DHCP-based WPAD above.
- Remote Web Proxy
This specifies the remote Web Proxy that requests are forwarded to. It may be specified as either the actual IP address and port number of the remote Web Proxy, or by a symbolic name, e.g. WEBPROXY (the default), which is configured in the GateManager's domain relay configuration. If you leave this field blank, only HTTP CONNECT requests are handled by the Web Proxy Relay.
- Idle Timeout
Here you can enter the maximum idle timeout (in seconds) for the connections made through the Web Proxy Relay. A value of 0 means no timeout. Default is to terminate connections that are idle for more than 300 seconds.
- Idle Threshold
Here you can enter the maximum size (in bytes) of data packages (TCP payload) forwarded through the Web Proxy Relay in order for them to not reset the idle timer. The default value of 0 means any data on the connection will reset the idle timer. This can be used with some protocols that regularly send a small keep-alive package, but you still want such connections to be timed out.
- Connect Forwarding
This specifies how HTTP CONNECT requests are handled by the Web Proxy Relay. By default, these requests are forwarded to the Remote Web Proxy server, if configured. Alternatively, the Web Proxy Relay can intercept HTTP CONNECT requests with a numeric IP address and port number target address, and treat them like a form of anonymous Server Relay, making a direct connection to the given address and port number via the GateManager. Possible values are:
- Via Remote Proxy: Forward HTTP CONNECT requests via the configured Remote Web Proxy.
- Direct - No auth: Handle HTTP CONNECT directly, without authentication.