User guide
Proxied Services
Reference Guide 79
Proxied-HTTP rule ensures that all outgoing HTTP traffic, regardless of
port, will be proxied according to the HTTP proxy rules.
WatchGuard recommends that you allow incoming HTTP only to any
public HTTP servers maintained behind the Firebox. External hosts can be
spoofed, as WatchGuard cannot verify that these packets were actually
sent from the correct location.
Configure WatchGuard to add the source IP address to the Blocked Sites
List whenever an incoming HTTP connection is denied. Adjusting the
settings and MIME types is the same as for the HTTP Proxy.
RealNetworks
RealNetworks is a streaming media (audio and video) protocol developed
by RealNetworks (http://www.realnetworks.com). The RealNetworks
service allows the incoming UDP stream to reach the client. If the service
is not configured, the UDP stream fails and the stream falls back to
the TCP connection, so the audio still reaches the client. An outgoing TCP
rule is all that is required for RealNetworks to work. Many of the
requirements of the RealNetworks service are more appropriately
addressed using the RTSP service. For more information, see “RTSP” on
page 80.
Characteristics
• Protocol: TCP and UDP
• Server Port(s): 7070 (TCP control channel) and 6970-7170 (UDP data
channels)
• Client Port(s): greater than 1023
• RFC: no RFC, but see:
http://www.realnetworks.com
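The port characteristics above, modelled as a stateful check in an added example (not WatchGuard code): an inbound UDP datagram in the data range is accepted only when the same client has already opened the TCP control channel on port 7070 to that server. The 10.0.0.0/8 trusted network, the flow tuples, tying the UDP stream to the control connection, and accepting the range on either UDP port are assumptions made for the illustration.

```python
from ipaddress import ip_address, ip_network

CONTROL_PORT = 7070                  # TCP control channel (from the page)
DATA_PORTS = range(6970, 7171)       # UDP data channels 6970-7170 (from the page)
TRUSTED = ip_network("10.0.0.0/8")   # assumed internal (Trusted) network

# Constructed flow records: (proto, src_ip, src_port, dst_ip, dst_port)
SAMPLE_FLOWS = [
    ("tcp", "10.0.0.5", 40112, "198.51.100.7", 7070),  # client opens control channel
    ("udp", "198.51.100.7", 6970, "10.0.0.5", 6972),   # stream from the same server
    ("udp", "203.0.113.9", 6970, "10.0.0.5", 6972),    # unsolicited: no control channel
    ("udp", "198.51.100.7", 6970, "10.0.0.8", 6972),   # different client, no control channel
    ("tcp", "10.0.0.8", 900, "198.51.100.7", 7070),    # client port not greater than 1023
    ("udp", "198.51.100.7", 53, "10.0.0.5", 40112),    # known server, outside the data range
]


def is_internal(ip):
    return ip_address(ip) in TRUSTED


def evaluate(flows):
    """Return one (verdict, flow) pair per flow, processed in arrival order."""
    sessions = set()   # (client_ip, server_ip) pairs with an open control channel
    results = []
    for flow in flows:
        proto, src, sport, dst, dport = flow
        outbound = is_internal(src) and not is_internal(dst)
        inbound = is_internal(dst) and not is_internal(src)
        in_data_range = sport in DATA_PORTS or dport in DATA_PORTS
        if proto == "tcp" and outbound and dport == CONTROL_PORT and sport > 1023:
            sessions.add((src, dst))          # remember who asked for a stream
            verdict = "allow-control"
        elif proto == "udp" and inbound and in_data_range and (dst, src) in sessions:
            verdict = "allow-data"            # stream the client actually requested
        else:
            verdict = "deny"                  # default deny, including spoofable strays
        results.append((verdict, flow))
    return results


if __name__ == "__main__":
    for verdict, flow in evaluate(SAMPLE_FLOWS):
        print(f"{verdict:13} {flow}")
```
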
Common Scenarios
Scenario 1
Description
There are RealNetworks servers off the External interface,
scattered across the Internet.