Can I use my FW as a web proxy?

[hotice_]

Hi,
Someone asked me today if it was possible to use the Checkpoint (IPSO) fw as a transparent http/https proxy, i.e.

Public IP -> FW -> Other Fixed Public IP

Packet inspection is not a requirement. I have tried to play with it doing some Static NATing and other fiddling but couldn't get it to work.

Does anyone know if this is even possible?

[MarioL]

Check Point can a few things with the security servers and also using NAT, though the fancy stuff is regarding SMTP, where you can redirect/rewrite mail, etc.

For HTTP it can do some blocking and stripping, but its not what I would consider a proxy.

You might also want to give more details about what exactly you want to achieve, I find the description a bit ambiguous.

[mcnallym]

I don't believe that you can what you are looking to do in terms of sending back out to the Internet, as not actually going through the firewall as such.

I think that you would need to get a proper http/https box, possibly something like an ISA Server/Appliance or Bluecoat.