If I have a client using a http/https explicit proxy, can we do the local RPZ rules by client IP?

BounniW · ‎07-24-2022

Hi;

Usually in this case, the client itself relies on the explicit proxy "setup in a pac file" to do the DNS queries, which means that local RPZ rules cannot be based on the client IP address, correct?

Kindly

Wasfi

kzettel · ‎07-29-2022

Hello,

It will depend on how you want it to work.

you can have Infoblox take over the DNS first then redirect to the proxy. you can configure this inside the PAC file which is another option.

hope this helps,

Kevin Zettel

BounniW · ‎08-16-2022

Thank you for your respose Kevin.

to be honest, I am still puzzled since the client itself does not do any DNS querying itself. This is mainly due to the explicity proxy setup of the client's browser "using a pac file".

In saying that, there might be a setup that you are aware of and I am not. In this case, would you please share with me.

kindly

Wasfi

aralvidra02 · ‎08-17-2022

Hi,

If you are using PAC file then you can try to insert "dnsResolve(host)" function. The client will have to perform DNS lookup

Thanks

THE GAME HAS CHANGED

BloxOne Threat Defense and Threat Intelligence

If I have a client using a http/https explicit proxy, can we do the local RPZ rules by client IP?

Re: If I have a client using a http/https explicit proxy, can we do the local RPZ rules by client IP

Re: If I have a client using a http/https explicit proxy, can we do the local RPZ rules by client IP

Re: If I have a client using a http/https explicit proxy, can we do the local RPZ rules by client IP