HTTP(S) Content Action & Revese-Proxy : Questions
I haven't worked in a long time on WatchGuard fws and i've got a few questions.
I need to do HTTP and HTTPS Revese-Proxy for a client (basically just rerouting trafic according to the URL) and I couldn't make it work.
Right now, I have a Action Content filter with the domains I need to reroute.
This filter is configured in a HTTP(S) Proxy Policy with the Firebox itself as the destination (External IP Address).
The rule is matched, but there isn't any matching on the URL and I always end up getting a Access Denied from the firewall.
I've got 3 main questions, for the rest I'll leave you make me any advice you might think that could help me :
Does the Destination field HAS TO be a SNAT address? I read that in some documentation, but i'am not sure.
Does the trafic HAS TO come from the External interface, or can I also do Revese-Proxy between 2 Internal Trusted interfaces?
Regarding HTTPS, can you confirm that the box is able to route the trafic based on the SNI? By asking that I mean rerouting HTTPS without doing any SSL Inspection
Any help would be appreciated.
Thank you guys! ;-)