Most World Wide Web (WWW) clients support the ability to use a proxy server. Despite the fact that transparency would eliminate the need for proxying WWW traffic, users should configure their clients to use the proxy server if at all possible. This is because many WWW sites run servers on non-standard ports (other than port 80) which the transparency feature of the firewall does not enable access to.
 | Note: Only the Netscape Navigator browser is supported for running the Gauntlet forms-based administrative interface. Users may, of course, use other browsers to access WWW resources. |
Most UNIX-based clients, such as the original NCSA Mosaic, support proxy forwarders via a number of shell environment variables. Setting the environment variables into the process environment is easily done by creating a small shell script that then calls the real executable. Note that the FTP proxy port is port 80, not the normal FTP port 23. When accessing FTP URLs, the HTTP proxy performs FTP commands itself on behalf of the user, bypassing the FTP proxy. This example shell script might be named /usr/local/bin/xmosaic:
#!/bin/sh http_proxy=http://relay.tis.com:80/ wais_proxy=http://relay.tis.com:8080/ gopher_proxy=http://relay.tis.com:80/ ftp_proxy=http://relay.tis.com:80/ export http_proxy wais_proxy gopher_proxy ftp_proxy if [ $# != 0 ] ; then args=$* else args=http://www.tis.com/ fi Mosaic-sun-lresolv $args rm -f $HOME/.mosaicpid |
Using NCSA Mosaic for Windows, the HTTP proxy values are defined in the mosaic.ini file as shown in the example above. Note the attributes for proxy information, which are defined as pointing to the firewall for all services.
Netscape menus directly support defining proxy servers. Select the “Options/Preferences/Mail” and “Proxies” menus and enter the firewall as the proxy server, using the HTTP port 80 as the service port. Netscape also provides an option for “No Proxy On,” permitting users to specify a pattern indicating what systems should be contacted directly, rather than via the proxy. This is valuable for organizations that have servers internally that are reachable directly, in addition to servers on the other side of the firewall.
Spry Air Mosaic client software supports proxy configuration via the “Options/Configuration/Proxy Servers” menu. The proxy name and port is encoded as a URL in the form of http://firewall:port/, where the name of the firewall is the name of the firewall's internal network connection. The Exclude Domains option on the proxy menu permits the user to specify which domains should not be accessed via the proxy.
