Explicit Proxy: FTP over HTTP

The Explicit Proxy can examine FTP connections sent over HTTP (also known as Web FTP). For example, when you use FTP over HTTP, you specify a web URL in the format ftp://ftp.example.com/path or ftp://user:[email protected]/path/.

The Explicit Proxy connects to the destination server with native FTP commands to get a directory listing or file, and then sends the data to the client in an HTTP response.

The initial HTTP request is subject to the rules configured in the Explicit Proxy. The Firebox then uses the FTP protocol through the specified FTP-proxy action, and any standard FTP-proxy action rules apply. The final HTTP response to the client is not sent through the Explicit Proxy action.

If you use the Explicit Proxy for connections to your network, you can force your users to authenticate before they can connect to your network. When you enforce authentication in the Explicit Proxy, unauthenticated connections are redirected to the Firewall authentication page. For more information about how to configure Firewall authentication, see Firewall Authentication.

Configure Explicit Proxy

Configure a Proxy Action for the Explicit Proxy

When you add the Explicit-proxy policy, the predefined proxy action Explicit-Web.Standard is automatically selected. Because you cannot edit a predefined proxy action, you must clone the proxy action and then configure the settings for the cloned proxy action.

See Also

About the Explicit Proxy

Explicit Proxy: HTTP Web Proxy