Can the ProxySG configured in transparent mode bypass a site by domain name instead of IP address?
search cancel

Can the ProxySG configured in transparent mode bypass a site by domain name instead of IP address?

book

Article ID: 165505

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

Can the ProxySG configured in transparent mode bypass a site by domain name instead of IP address?
I want to bypass a particular web site.  Can I bypass it by domain name?  Or do I have to use an IP address range?

Resolution

Currently it is not possible to bypass packets based on DNS names, nor would it be practical to do so.  The only supported way to bypass a host or site is by IP address or IP address range or subnet.

When packets enter the ProxySG, they have a source and destination IP address.  SGOS would then need to perform a reverse DNS lookup on the IP address to determine if that IP address belongs to the non-interceptable DNS address.  This RDNS lookup would delay the packet bypassing the Proxy.  The proxy would have to expend CPU cycles determining if this packet should be intercepted or not and then it would have to forward it on.  By using the IP address to bypass traffic, the proxy does a simple check based on the IP address and then it can quickly forward on the packet with minimal overhead or delay.

In order to configure this - Go to Configuration > Services > Proxy Services > Static Bypass List and create a new rule as per the requirement.

Powered by Wolken Software