Explicit Proxy: HTTP CONNECT Tunneling

The Explicit Proxy on your Firebox supports HTTP CONNECT Tunneling for HTTPS traffic. When you use CONNECT tunneling, a client sends requests to the Firebox through the Explicit Proxy over port 3128. These HTTP requests use the CONNECT method to contact the port configured in the Explicit Proxy settings (HTTPS port number 443 by default). You can also configure other ports for customized HTTPS web servers. The Explicit Proxy then establishes a TCP connection to the specified destination. When the connection is made, the Explicit Proxy responds to the original HTTP request with an HTTP response to the client, and then the client can send the data to the destination.

With the Explicit Proxy, you can allow, deny, or block a request based on the specified ports, or configure an HTTPS proxy action for HTTP CONNECT tunnel traffic.

Configure the Explicit Proxy for HTTP CONNECT Tunneling

Configure the Proxy Action for the Explicit Proxy

When you add the Explicit-proxy policy, the predefined proxy action Explicit-Web.Standard is automatically selected. Because you cannot edit a predefined proxy action, you must clone the proxy action and then configure the settings for the cloned proxy action.

See Also

About the Explicit Proxy

Explicit Proxy: HTTP Web Proxy