Hot!How to test web filtering remotely

Author
SLinQLD
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/01/20 17:24:51
  • Status: offline
2020/01/20 17:34:17 (permalink)
0

How to test web filtering remotely

I would like to test web filtering under some constraints.
1. No direct access to the Fortigate unit, remote only.
2. No access to end user.
3. Not on local network.
4. Management access only.
5. I want to test it now, not wait for logs to appear. User maybe in different timezone and asleep.
 
I modify or create a custom web filter. I want to test that the url works from the console or via the gui. How can this be done under these constraints above immediately without involving others?
 
- Stephen
#1
emnoc
Expert Member
  • Total Posts : 5769
  • Scores: 375
  • Reward points: 0
  • Joined: 2008/03/20 13:30:33
  • Location: AUSTIN TX AREA
  • Status: online
Re: How to test web filtering remotely 2020/01/20 21:42:59 (permalink)
0
2 ways
 
1: set up the fortigate as a explicit proxy and use it as  proxy
 
2: use a vpn ( ssl or ipsec ) and tunnel your remote machine thru the firewall
 
optional ( #3) , jump into a jumpbox or bastion hose and run the web-browser or use curl and ensure the machine is allowed thru the firewall and the UTM-URL filter that your trying to test.
 
Ken Felix
 

PCNSE 
NSE 
StrongSwan  
#2
SLinQLD
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/01/20 17:24:51
  • Status: offline
Re: How to test web filtering remotely 2020/01/20 22:00:10 (permalink)
0
Ken,
 
It is set up as a proxy. I am not a user, I am not in the user domain. I just have management access via TACACS. I am not in a position to do major modifications. It's more a fortigate internal test I am looking for. Maybe I need a feature request?
 
This is 2020 things are changing, I guess the assumption has always been the engineer is local, near the equipment or has access to users or even works for the company who uses the firewall. In my case none of the above is true. These days its about remote monitoring and engineering support. I am just supporting equipment from afar via remote control. I can control the system but I am not part of it. A way to test remotely but not insert yourself in the system is needed.
#3
Jump to:
© 2020 APG vNext Commercial Version 5.5