The PhoneBoy Blog


Simplifying Telecom, Mobile Phones, Gadgets, and More!

FireWall-1 FAQ: Request to proxy other than next proxy resource http://proxy.foo.com

Please note: This content was from when I was operating my FireWall-1 FAQ site, which I stopped operating in August 2005. For some reason people still have links to this stuff on the Internet that people are still clicking on.


I am making this information available again AS IS. Given how old this information is, it is likely wildly inaccurate. I have no plans to update this information.


If you're still running versions of Check Point VPN-1/FireWall-1 where this information is still relevant to you, do yourself a favor and upgrade to a more recent release. If you happen to be running a current release and the information is useful, it's by happenstance :)


When filtering HTTP traffic that goes to an HTTP Proxy server, you might get the following error message when I try and access the proxy server:

Request to proxy other than next proxy resource http://proxy.foo.com

In FireWall-1 NG, set the "HTTP Next Proxy" setting in your gateway object in the Security Servers section. In FireWall-1 4.1 and earlier, set the "HTTP Next Proxy" setting in Policy->Properties, Security Servers tab to point at the IP address of a proxy server (not a fully qualified domain name). Obviously, this will only allow you to filter traffic to one HTTP Proxy Server.

C-List #Cybersecurity Celebrity, Podcaster, #noagenda Producer, Frequenter of shiny metal tubes, Expressor of personal opinions, and of course, a coffee achiever.