How can I differentiate user traffic from ProxySG administrative (client-less) traffic in a chained-proxy environment?
Article ID: 169230
Asset Management Solution, Data Center Security Monitoring Edition, ProxySG Software - SGOS
In a chained-proxy environment, how do I differentiate user traffic from the proxy's client-less traffic on the downstream proxy? How can I collect a packet capture on the downstream proxy which has issues downloading the BCWF / CachePulse database / license update?
The solution is to redirect the administrative / client-less traffic using a different forwarding port:
1. Ensure the connection on the downstream proxy does not go direct. From the downstream proxy's GUI, select the Configuration > Forwarding > Global Defaults tab and ensure the "use forwarding for administrative downloads" option is enabled.
2. Assuming the existing default forwarding policy forwards intercepted HTTP traffic on TCP port 8888:
4. Intercept TCP port 8889 on the upstream ProxySG. On the upstream proxy GUI > Configuration > Services > Proxy Services > Standard > Explicit HTTP > Edit Service > Add New Listeners on port 8889. The traffic must also be permitted by the intermediate firewall (if there is one).
5. Ensure the client-less connection policy is added above the default forwarding policy. So, the new forwarding host / CPL is