SecureGUARD GmbH

Technical Blog for SecureGUARD Products and Solutions

Web Access Rules - Rule Modes

In todays blog post I want to cover the different Rule Modes when creating a Web Access Rule.

You can define the behavior with Rule Mode for every single Web Access Rule with the following Rule Modes:


Allows or blocks web access using an explicit proxy IP address and port (which is configured within the HTTP Proxy setting within the Web Access Rules module). Every single client have to be configured with the appropriate settings. You can also use Kerberos authentication (if the server is domain joined) or LDAP authentication (LDAP Authentication settings have to be configured) with Proxy Mode.

The required Firewall Rules and NAT rules will be generated automatically.


Allows or blocks web access as transparent proxy. On the clients the IP address of the server have to be configured as default gateway or as gateway on a dedicated route.

Please be aware that the transparent rule mode doesn't support authentication.

The required Firewall Rules and NAT Rules will be generated automatically.


Proxy and Transparent

Combines both modes proxy and transparent modes. All required Firewall Rules will be generated automatically.

Please be aware that authentication is only used when a client accesses the proxy via the dedicated IP address - port combination.


Manually create FW and NAT rules

By selecting this mode, firewall rules and NAT rules have to be created manually. Select this option if you want to use a dedicated external IP address used for hide-NAT. The other three modes use the primary IP-address configured on the external interface.


Add comment