Why can't I use an external proxy in an internal organization?


If I understand your question correctly, it comes down to this:

First of all, 'Normal' networking.

Each device (computers, printers, IP cameras, whatever) has a public IP. You configure the network for the same network range.

Everything can connect locally to everything else which is local.
To reach computers on the Internet it needs to be able to reach the router, which will be configured as the default gateway. That router will forward all traffic (HTTP or otherwise). No proxy is needed.

(Picture below: A simple classic network so I can use it as a baseline).

Baseline network


If you do not set a default gateway then you can still reach all local computers, but you cannot reach computers on other networks. In other words: No Internet access.

This is a rather crude solution. It makes no difference between regular Internet access (email, ssh, rsync, ...) and browsing. We can improve on that by adding a proxy and allowing people to configure this proxy in their browser.

Optional local

The browser program (Chrome, Firefox, Safari, IE, Netscape, ...) is then configured not to ask computers on the Internet for content, but instead will ask the proxy.

You can compare this by asking people please not to phone outside people directly, but asking a secretary or reception to do this. That person (receptionist) will then forward the information to you.

Note that as shown this is completely optional. You can still access the Internet directly. The advantage of using a proxy is that the proxy can cache webpages. If you view a web page via the proxy, and then a coworker views the same webpage, then the actual content will only be fetched once. It is as if you have a web cache for everybody on the same local network, rather than one per computer.

This can save bandwidth (a good thing from a corporate aspect) and will speed things up (nice for the users).

This is the classical use of a proxy.


If you have a firewall you can configure it to only allow access to port 80 on the Internet from one specific computer. In that case direct Internet access will still work for most programs, except for web browsers. That way no one can view webpages without using the proxy.

local proxy

Since the proxy now sees all web traffic you can also use it to enforce some rules, collect statistics etc etc. I think this is what you meant at the start of your question.


Now backtrack one picture. You have optional access to a proxy. That proxy is shown as a local proxy, but the only reason for that is that having the proxy locally saves bandwidth for you. You can place the proxy somewhere on the internet. That will save someone's bandwidth, but just not yours. This is why ISPs are quite happy to do this.

To reach it you need to be able to reach that proxy on the Internet.

As long as the work firewall allows that there is no reason why it would not work. But that prevents the additional corporate feature (blocking sites, statistics, only access during certain times etc etc). This is why most work/corp setups will block this.
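The firewall behaviour described in this answer, modelled as an added example (not part of the original answer). The addresses, the port 3128 for the external proxy, the inclusion of port 443 and the stricter `default_deny` policy are assumptions made for illustration; the flows are constructed.

```python
import ipaddress
from typing import Callable, NamedTuple

# Constructed addresses from documentation ranges; none come from the page.
LOCAL_PROXY = ipaddress.ip_address("192.0.2.10")
WEB_PORTS = (80, 443)  # 443 is an assumption; the answer only mentions port 80


class Flow(NamedTuple):
    label: str
    src: str    # internal source address
    dst: str    # destination on the Internet
    dport: int  # destination port


def port80_only(flow: Flow) -> bool:
    """Rule from the answer: outbound port 80 only from the proxy; all else passes."""
    if flow.dport == 80:
        return ipaddress.ip_address(flow.src) == LOCAL_PROXY
    return True


def default_deny(flow: Flow) -> bool:
    """Stricter variant (assumed): only the proxy may leave, and only on web ports."""
    return ipaddress.ip_address(flow.src) == LOCAL_PROXY and flow.dport in WEB_PORTS


# Constructed outbound flows as seen by the perimeter firewall.
FLOWS = [
    Flow("workstation direct web", "192.0.2.50", "203.0.113.80", 80),
    Flow("local proxy fetching web", "192.0.2.10", "203.0.113.80", 80),
    Flow("workstation to external proxy", "192.0.2.50", "198.51.100.7", 3128),
    Flow("workstation ssh", "192.0.2.50", "198.51.100.25", 22),
]


def unproxied_egress(policy: Callable[[Flow], bool]) -> list[str]:
    """Flows the firewall lets out that the local proxy never sees."""
    return [f.label for f in FLOWS
            if policy(f) and ipaddress.ip_address(f.src) != LOCAL_PROXY]


if __name__ == "__main__":
    for policy in (port80_only, default_deny):
        print(policy.__name__, "->", unproxied_egress(policy))
```

Under the port-80-only rule the flow to the external proxy leaves the network unseen by the local proxy, which is the gap the answer says most corporate setups close.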


Author: Q8Y

Updated on September 18, 2022

Comments

  • Q8Y
    Q8Y over 1 year

    Many organizations use an internal proxy. If you select that proxy you can use the Internet with their restrictions & filters.

    My question is: can I use an external proxy like I can at home, since there the proxy is entered by default (from the ISP), while at work I have to use only their proxy? Why is that, and how can they do it?

    I know that I can bypass their restriction by using a VPN, but I am talking about a proxy and why I can't do something similar to what I can do at home.

  • Admin
    Admin about 11 years
    By the way, I guess you should have enough arguments to fight that it is legitimate to use Google Translate.
  • Admin
    Admin about 11 years
    great details ...
  • ganesh
    ganesh about 11 years
    Tried to :-) I really should sit down some day, search this site for duplicates and either point to the best, or write one as a canonical answer. (And this one is way too brief and skips over a lot of things so it is not up to par for the latter).
  • Q8Y
    Q8Y about 11 years
    @Hennes First of all, thank you so much for the great details & the deep explanation... I have a couple of questions, if you don't mind, to make it more clear to me... 1) The reason why the Internet won't work unless I use the proxy (at work) is because they have set a rule in the firewall to not accept connections on port 80, only from one computer, & direct all the connections to it & make it act as the default gateway. Am I right? 2) When they do that, there is no way to access the Internet unless I use that proxy; I can't use another one (as in any home network). Right? Finally, thank you so much ;)
  • ganesh
    ganesh about 11 years
    Re 1a). They probably do not redirect all traffic to the proxy. Most likely they only redirect HTTP traffic to it. The rest might either pass to the Internet or be blocked. You can test that by running a web server on a port other than the default port 80. Try to connect. If that works they only redirect traffic for port 80. (Obviously you need a web server somewhere on the Internet, configured for a non-default port.) ---- 1b) I suspect no changes are made to the default gateway. There is just a firewall somewhere (probably behind your DG).
  • ganesh
    ganesh about 11 years
    Re 2) You might need to check if they block the internet or just the web part. There is a difference. ---- Lastly, if you do want more access at work the usual way is to formulate a good clear reason and ask IT for access. If you have a good reason it is often granted
  • Q8Y
    Q8Y about 11 years
    @Hennes Again, thank you so much for your help. I appreciated that. Thanks