Configuring Transparent Proxy

When configured as a Transparent Proxy, GFI WebMonitor acts as an intermediary between client machines and web servers to monitor and control HTTPHypertext Transfer Protocol. and HTTPSHypertext Transfer Protocol over Secure Socket Layer (SSL). traffic transparently. When a user makes a request to a web server, the Transparent Proxy intercepts the request to deliver the requested content. When GFI WebMonitor is deployed in this mode, you do not need to set client browser settings to point to a specific proxy.


Transparent Proxy can filter only HTTP (TCP port 80) and HTTPS (TCP port 443) traffic.

Environment considerations when GFI WebMonitor is configured as a Transparent Proxy

Type Description
Supported Operating Systems

Transparent Proxy can be enabled on servers running the following operating systems:

  • Windows® Server 2016
  • Windows® Server 2012 (Including R2)
  • Windows® Server 2008 R2
  • Windows® 10
  • Windows® 8.1
  • Windows® 7


Ensure the operating system is up-to-date with all Windows updates installed.


By default, Transparent Proxy uses port 8082. Ensure that the listening port does not conflict with other applications. When the port is changed the proxy is restarted and ongoing connections are terminated. Applications do not need to be configured to connect to the Transparent Proxy port. The port is needed for internal operations by GFI WebMonitor.

Gateway Mode

Ensure that GFI WebMonitor is running in Gateway mode. Transparent Proxy cannot work in Simple Proxy mode. For more information refer to Deployment in an Internet Gateway environment.

Microsoft TMG firewall and Transparent Proxy Transparent proxy is not compatible with Microsoft Forefront TMG.
Proxy Chaining Transparent proxy cannot be enabled if Proxy Chaining is already used, because of possible conflicts. For more information refer to Configuring Chained Proxy.
Network address translation (NAT) Ensure Network address translation (NAT) is disabled on the GFI WebMonitor server for Transparent Proxy to work. Network address translation (NAT) modifies network address information in HTTP and HTTPS traffic.


Certain restrictions may apply on Transparent Proxy usage depending on the network topology. Configuration changes might be needed on the network to enable transparent mode.

How it works

Transparent Proxy can work in parallel with the regular proxy. HTTP and HTTPS traffic originating from client machines that are not set to explicitly point to GFI WebMonitor (manually or through WPADWeb Proxy AutoDiscovery protocol.) is captured by the Transparent Proxy once this functionality is enabled.

How Transparent Proxy works

When a user makes a request, the GFI WebMonitor Transparent Proxy intercepts the request even if the client machine has no configured proxy. If the requested content is allowed by GFI WebMonitor, the Transparent Proxy delivers it to the destination.

See also:

Enabling Transparent Proxy