HTTP Web Content Filtering (WCF) (11.x)

Security Gateway Articles and How to's
Post Reply
Posts: 34
Joined: 15 Sep 2008, 15:57
Location: Clavister HQ - Örnsköldsvik

HTTP Web Content Filtering (WCF) (11.x)

Post by Tomas » 22 Feb 2013, 12:11

This How-to applies to:
  • Clavister cOS Core Security Gateway 12.x
A Clavister cOS Core 12.x Security Gateway with a license that permits Web Content Filtering

Topics covered in this document
  • Create a Web Profile
  • Create a Service
  • Create an IP Policy

Create a Web Profile

Open Policies > Profiles > Web

General tab
Name= WCf
Web Content Filtering= Enable
Restricted Categories= Select the ones you feel is needed, we're using the standard selected categories.
Web Profile.jpg
Web Profile.jpg (91.72 KiB) Viewed 7316 times

Create a Service

Open Objects > Services, select Add TCP/UDP service

General tab

Name = http_wcf
Source= 0-65535
Protocol= HTTP
Service.jpg (70.04 KiB) Viewed 7316 times

Create an IP Policy

Open Policies > Firewalling, select Add IP Policy

General tab
Name = http_wcf
Action = Allow
Source = lan, lan_net
Destination = wan, All-nets
Service = http_wcf
Source Translation = NAT
IP Policy.jpg
IP Policy.jpg (64.28 KiB) Viewed 7316 times
Under the Web Control tab, select the Web Profile that we created earlier.
Web Control.jpg
Web Control.jpg (21.56 KiB) Viewed 7316 times
Click OK

Move the IP Policy higher up in your IP Rule set. It must be before any more general NAT Policies, or the HTTP ALG will not be activated.

Save & Activate

Verify functionality.
Check the System Logs too.

Posts: 41
Joined: 24 Oct 2016, 08:23

Re: HTTP Web Content Filtering (WCF) (11.x)

Post by mape » 08 Nov 2016, 08:36

Updated 2016-11-08

Post Reply