Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
MTS
Participant

Is that possible to have CheckPoint gateway working like a Sock5 Proxy Server?

Hello,

 

Just find few KN related to configuring CheckPoint as a HTTP/HTTPS Proxy.

 

But would like to Proxy the DNS to end user as well, and seems Sock 5 with Firefox working well for this.

 

Might I know if CheckPoint support Sock5 also?

 

 

Thank you in advance.

0 Kudos
3 Replies
G_W_Albrecht
Legend
Legend

The reason is that using CP GWs as a proxy is mostly not a good idea at all - out of my 13 y experience i would suggest to better install a Socks5 server in the internal network ! Also look for the limitations here: sk110013: How to configure Check Point Security Gateway as HTTP/HTTPS Proxy and sk92482: Performance impact from enabling HTTP/HTTPS Proxy functionality.

CCSE CCTE SMB Specialist
0 Kudos
Timothy_Hall
Champion
Champion

Agree with Gunter, configuring a Check Point gateway as an explicit HTTP/HTTPS Proxy is not a good idea.  All traffic being proxied will be unaccelerated (F2F path) and also be handled by a security server process thus slowing things down even more.  This was mentioned in my 2021 IPS/AV/ABOT Immersion video series:

proxy.png

"Max Capture: Know Your Packets" Self-Guided Video Series
available at http://www.maxpowerfirewalls.com
0 Kudos
genisis__
Advisor

I've asked this on a few occasions.  In older versions it was possible to do it apparently, but not anymore.  I know Fortigate can act as a SOCKS5 proxy.

0 Kudos