Deploy SGOS IPv6 Proxy as an explicit forward proxy appliance in the Internet gateway. Users will be advised to configure an explicit proxy, or use a PAC file.  This is the simplest deployment method. The down side to this is it requires either manual browser configurations, or the system administrator to manage the client’s machines. 

Deployment

1. Configure Edge SWG (ProxySG) to have both IPv4 and IPv6 connectivity. See Deploy ProxySG as an IPv6 Transitional Device.

2. Enable “Explicit HTTP” proxy service:

• #(config proxy-services) edit “Explicit HTTP”
• #(config Explicit HTTP) intercept explicit 8080
• #(config Explicit HTTP) intercept explicit 80

If the Edge SWG (ProxySG) contains multiple IP addresses and the user wants to control which IP address is used for explicit connection, you can substitute the “explicit” keyword with the Edge SWG's IP address:

#(config Explicit HTTP) intercept <sg-ip-address> 8080

3. Create policy to prefer IPv6 DNS lookup. This allows the Edge SWG to use OCS’s IPv6 address if available:

<Proxy>

server_url.dns_lookup(prefer-ipv6)

The Edge SWG configuration is complete at this point. The system administrator will need to make sure that users need to connect to the Edge SWG explicitly to take advantage of the new service. This can be done either via manual configurations or PAC file:

Browser Configuration (Firefox)

This example assumes the users do not have IPv6 connectivity, so the HTTP proxy address is IPv4.  If the explicit proxy is used to provide IPv6 users access to IPv4 content, it is possible to use the proxy’s IPv6 address as an explicit proxy address:

System administrator may also choose to distribute a PAC file.