Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Request a Demo
Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Request a Demo
Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

View All Trustwave Services
Solutions
BY INDUSTRY
BY REGULATION
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
We reduce cyber risk and fortify organizations
Awards and Accolades
Recognition by analysts and media outlets
Trustwave SpiderLabs Team
Global researchers, ethical hackers, and responders
Trustwave Fusion Security Operations Platform
Unprecedented security visibility and control
Trustwave Security Colony
Access to cybersecurity threat protection resources
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
Register
Login
Resources
BLOGS
UPCOMING
MEDIA & ASSETS
NOTICES
HELP
Loading...
Loading...

Trustwave Knowledge Base

Home » Knowledgebase » WebMarshal » HOWTO: How do I allow a remote laptop user to use the WebMarshal...

HOWTO: How do I allow a remote laptop user to use the WebMarshal proxy server?

Expand / Collapse
Show/Hide Article Tools


This article applies to:

  • WebMarshal

Question:

  • How do I allow a remote laptop user to use the DMZ public WebMarshal proxy server address?
  • Users who take laptops home have proxy connection issues

Procedure:

Trustwave does NOT recommend allowing client connections to the WebMarshal proxy from the public internet.

The following options are available:

Recommended Options:

  • Have the remote users connect to the company network via VPN, and specify the IP addresses that the VPN server could allocate in the WebMarshal Local Address Table.
    • Note: This is the recommended workaround, and security conscious organizations are likely to have a VPN already configured.
  • Educate laptop users on how to manually change the browser or system proxy settings so that they do not use the proxy when out of office.
    • In current Windows versions, see Settings > Network & Internet > Proxy

Valid Options that are not supported by Trustwave Technical Support:

  • Develop a desktop batch file/script/registry file that laptop users can execute to change the settings.
    • One file to check the 'Use a Proxy Server for you LAN' option, and one to uncheck the same option

Notes:

In order to use WebMarshal as the Proxy server for the network, all workstation proxy settings must point to the WebMarshal server.  The problem manifests itself when laptop users connect to the LAN from an internal point on the network during the day at work, and then connect to the Internet outside the office, via an ISP without a VPN connection to the company's LAN.  At this point, the proxy settings are still referencing the internal name or IP address of the WebMarshal server.  The server IP address will resolve fine if the WebMarshal server is in the DMZ, but the end user will not be able to browse the Internet.  The web browser will get a 'Website not found" error message.

In this situation, we do NOT recommend opening firewall and the Local Address Table of WebMarshal to accept connections from all addresses.  This will allow the WebMarshal machine to accept connection attempts from any address, including unwanted connections. 

  • Opening access freely can result in Denial of Service attacks and other security issues.
This article was previously published as:
NETIQKB35624

To contact Trustwave about this article or to request support:

Rate this Article:
     
Tags:

Add Your Comments


Comment submission is disabled for anonymous users.
Please send feedback to Trustwave Technical Support or the Webmaster.


Execution: 0.031. 8 queries. Compression Disabled.
Powered by InstantKB.NET