my customer use the link http://myhost/user to manage own data
yes, correct is - user manager connects to paypal server
you're right. By retrieving http://myhost is forwarded to my web server. Here can be not seen the webfig page , so i don't need it for port 80.
But by rertieving https://myhost i receive the webfig page. So i' ve forwarded any access over port 443 to web proxy.
So following configurations are made, but unsuccessful
1. block direct access to web proxy
ip firewall filter add chain=input protocol=tcp dst-port=8080 in-interface=ether1 action=drop
2. enable the web proxy
ip proxy set enabled=yes
3. forwarding to web proxy
ip firewall nat add chain=dstnat dst-address=publicip protocol=tcp dst-port=443 action=redirect to-ports=8080
4. add access rule by web proxy to block webfig
ip proxy access add dst-address=publicip path="/webfig/*" action=deny
5. add access rule by web proxy to allow user manager
ip proxy access add dst-address=publicip path="/user/*" action=allow
ip proxy access add dst-address=publicip path="/userman/*" action=allow
What did i done wrong?