Can explicitly proxied traffic be bypassed?
search cancel

Can explicitly proxied traffic be bypassed?


Article ID: 165444


Updated On:


ProxySG Software - SGOS


No. Traffic that is explicitly proxied with browser settings, wpad.dat file, or a PAC file, cannot by bypassed using the static or dynamic bypass lists, nor bypassed in the services configuration.

When a packet leaves a client system, it has a source and destination IP.  If the IP is not the ProxySG, then the setup is called transparent, as the client system is not directly sending that packet to the proxy.  In this case, the proxy can be set to ignore, or bypass, that packet.  This is done by copying the packet and sending it along to the provided destination IP.

When the client packet has the destination IP of the ProxySG appliance, the ProxySG loses the ability to send the packet to its destination (since the destination is the IP address of the ProxySG).  Because the packet is destined to the proxy, the packet must be intercepted if there is a configured service port, or reset if the destination port is not a configured service port.