How ToTo

Configure
Cyberoam asCyberoam
HTTP Proxy Serveras
Using
Single Port
How
Configure
HTTP
Proxy

Server Using Single Port

Applicable Version: 10.00 Onwards

Scenario
Configure Cyberoam as HTTP proxy server using a single port without changing the existing network.

Configuration
Step 1: Configure Cyberoam Ports
Configure Cyberoam in Gateway Mode according to the network diagram given below.
Port-A (LAN Zone): Specify IP address of the existing proxy server if replacing an existing proxy
server with Cyberoam, otherwise specify a LAN IP address which you wish to use for proxy.
Port-B (WAN Zone): As it is compulsory, assign a unique dummy IP address to the WAN port.

How To Configure Cyberoam as HTTP Proxy Server Using Single Port

Note:
Make sure Port B is not connected. It is used only for configuration and will not affect Cyberoam
operation.

Step 2: Configure Static Route

Configure a static route through Cyberoam such that all Internet traffic originating in the LAN is routed
through Cyberoam by default.
To configure the static route, go to Network Static Route Unicast and click Add to add a static
route with the following parameters.

Parameter Description
Parameter

Value

Description
Specify Destination IP Address

Destination IP

0.0.0.0

We add 0.0.0.0 as Destination IP

because we need to forward all
traffic to the existing firewall.
Specify Subnet Mask

Netmask

/0 (0.0.0.0)

We add /0 (0.0.0.0) as Netmask

because we need to forward all
traffic to the existing firewall.

Gateway

192.168.1.254

Specify Gateway IP Address

Interface

Port A 192.168.1.158

Select Interface from the list

including
Physical
Interfaces,
Virtual Subinterfaces and Aliases.

Distance

Specify Distance for routing.

Range of value is from 0 to 255

How To Configure Cyberoam as HTTP Proxy Server Using Single Port

Step 3: Create a LAN-to-LAN loopback Firewall Rule

Create a LAN-to-LAN loopback Firewall Rule to allow all LAN connections. Go to Firewall Rule
Rule and click Add to create a firewall rule with the following parameters.

Parameter Description
Parameter

Value

Name

LAN_to_LAN_Loopback_Rule Specify name to identify the Firewall Rule.

Zone

Source: LAN
Destination: LAN

Attach Identity Disabled

Description

Specify source and destination zone to which

the rule applies.
Check to attach the user identity.

Source: Any
Destination: Any

Specify source and destination host or

network address to which the rule applies.

Services

Any

Services represent types of Internet data

transmitted via particular protocols or
applications. Select service/service group to
which the rule applies.

Schedule

All the time

Select schedule for the rule

Network/Host

How To Configure Cyberoam as HTTP Proxy Server Using Single Port

Select rule action

Available Options:
Action

Accept

Accept: Allow access

Drop: Silently discards
Reject: Denies access and ICMP port
unreachable message will be sent to the
source
Select the NAT policy to be applied.

Apply NAT

Enabled
MASQ

It allows access but after changing source IP

address i.e. source IP address is substituted
by the IP address specified in the NAT policy.
This option is not available if appliance is
deployed as Bridge

Step 4: Configure Proxy Settings in Web Browser

Change the proxy settings in your web browser. Specify proxy as Cyberoam IP Address and proxy
port as 3128 (the default proxy port used in Cyberoam). For details on how to change proxy settings
of your web browser, refer to the documentation of your respective browser.

Document Version: 1.0 09/03/2012