Overview
Even though the NAT technology used in Kerio Control enables direct access to the Internet from all local hosts, Kerio Control contains a standard non-transparent proxy server that needs to be configured.
This is useful when Kerio Control is deployed within a network with many hosts where the proxy server has been used. Thus, the Internet connection is kept if a proxy server is used, and there is no need to re-configure all the hosts (or only some hosts require re-configuration).
Note: The proxy server can be used for HTTP, HTTPS, and FTP protocols. The proxy server does not support the SOCKS protocol (an Internet protocol that exchanges network packets between a client and server through a proxy server).
Important: If a non-transparent proxy server is being used, the filtering of HTTPS connections does not work.
Solution
Below are the steps required to configure a non-transparent proxy server in Kerio Control:
- In the Kerio Control administration, go to Configuration > Proxy Server.
- Select the
Enable non-transparent proxy server
option. - If you want to enable a tunneled connection on non-standard TCP ports (e.g. connecting to remote Kerio Control administration placed on the Internet from your local network), check the option
Allow tunneled connections to all TCP ports
.
Note: This option affects HTTPS traffic only. You can always access HTTP on any port via a non-transparent proxy.
- Select the
Kerio Control non-transparent proxy server
option. This option enables the HTTP proxy server in Kerio Control on the specific port (default is 3128). - Click on the
Apply
button.