Enable IP Forwarding

book

Article ID: 167288

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

What is IP forwarding?
How is IP forwarding enabled on the ProxySG?
You want general information about IP Forwarding, including how to enable it
IP Forwarding and how to enable it

Resolution

  • IP Forwarding is a feature designed for deployment is where network traffic is being redirected using Policy Based Routing such that the redirected packets are being sent to the ProxySG's MAC address but the original destination IP of the traffic is preserved. Essentially, the ProxySG is being configured as a router (hop) along the way to the final destination. By enabling IP Forwarding, the ProxySG will intercept traffic for the service ports that are configured for interception. If IP Forwarding is not enabled, the traffic is rejected as being misaddressed. This feature is disabled by default.

 

  • NOTE: When IP forwarding is enabled be aware that the ProxySG will forward all traffic on ports that are set to bypass to the next hop. This traffic is not subject to proxy policy. However, the ProxySG will still continue to apply a policy to traffic on ports that are set to intercept.

 

  • IP Forwarding can be enabled (or disabled) from the Management Console by going into the Management Console > Configuration tab > Network > Routing > Gateways.

 

  • IP Forwarding can be enabled (or disabled) through the CLI using the following command:
    • SGOS#(config)tcp-ip ip-forwarding {enable | disable}