Views:

Testing Connectivity with a Browser

Procedure

  1. Set up the end user account.
  2. Decide the traffic forwarding method, and use a test machine to connect to TMWS by this method.
  3. Browse any website.
    Connectivity with TMWS is working when the TMWS captive portal page displays.
  4. Type the credentials used for the end user account.

Testing Connectivity with the Diagnostics Web Page

TMWS will not prompt a user to log on if the credentials have been provided within the last 30 days. In this case, the diagnostic tool is useful for testing. The user should already have an account and has already logged on successfully before.

Procedure

  1. Open a web browser and go to http://diagnose.iws-hybrid.trendmicro.com.
    TMWS is working properly when the connection status for TMWS is "Yes".

Testing Policies

It can take up to one (1) minute for a policy to take effect once it is set on the management console.

Procedure

  1. Enable a policy and set the action to 'Block'.
  2. Open a URL or run an application that the policy is supposed to block.
  3. When prompted by TMWS, log on with a user account that is subject to the policy.
    • If the policy is working, the browser will block access and display event details.
    • If the policy is not working, return to the policy and check the configuration. Also, verify that the browser is connecting through a proxy to TMWS.

Accessing Internal Sites

Because TMWS is outside your network, it may not have access to your internal sites. Administrators can configure TMWS to allow users to access internal sites.

Procedure

  1. If using a direct proxy server, modify the browser settings to include the restricted internal sites:
    • Microsoft Edge
      1. Click the More icon in the top-right corner of the browser.
      2. Go to SettingsSystemOpen your computer's proxy settings.
        The Automatic proxy setup window appears.
      3. Under Manual proxy setup, turn on Use a proxy server and specify the local sites to access.
    • Google Chrome
      1. Click the wrench icon located at the top-right corner of the browser.
      2. Go to SettingsShow advanced settings...Change proxy settings....
        The Internet Properties window appears.
      3. Click LAN Settings.
      4. Under Proxy server, click Advanced.
      5. Under Exceptions, specify the local sites to access.
    • Mozilla Firefox
      1. Click the Open menu icon in the top-right corner of the browser, and then select Options.
      2. Click the General tab, and under Network Proxy, click Settings.
        The Connection Settings window appears.
      3. Under No Proxy for:, specify the local sites to access.
    • Apple Safari
      1. Go to System PreferencesNetwork.
      2. Choose the method that the computer uses to connect to the Internet, and then click Advanced.
        The Network window appears.
      3. Click the Proxies tab.
      4. Under Bypass proxy settings for these Hosts & Domains, specify the local sites to access.
  2. If using a PAC file:
    1. Open the TMWS management console and go to AdministrationSERVICE DEPLOYMENTPAC Files.
    2. Duplicate the default PAC file.
    3. Make one of the following changes to the duplicated PAC file:
      • Modify the PAC file to do DNS queries first and to judge whether the IP address is internal or external. If it is internal, do not forward the request to TMWS. To do this, change the value of DNSNeedResolve to TRUE. For example:
        var DNSNeedResolve = true;
      • Modify the PAC file and specify the URL of internal sites to allow using the SkipHosts variable with the following code:
        var SkipHosts = ["<internal IP/hostname>", 
          "<internal IP/hostname>"];
for (var i in SkipHosts) {
   if (shExpMatch(host, SkipHosts[i])) {
     return 'DIRECT';
   }
}
        Note
        Note
        Do not change the order of variables or other content within the PAC file.