A network policy in place does not allow client IP to go through the Firewall to the Internet but does allow ProxySG/Proxy IP to go through the internet and would like to get the Bloomberg Client to Work via SOCKS Proxy on ProxySG.
Configure Bloomberg Client to go work through the SOCKS Proxy on ProxySG.
Refer to the following Bloomberg guideline on how to configure this on the client: Bloomberg Transport and Security Specification, 28 Mar 2018, Version 6.5
It is presumed that the SOCKS Proxy has been configured on ProxySG, and the policy to allow the traffic has been created.
To selectively allow the Bloomberg client, add a rule for the SOCKS protocol for a destination listed on the Bloomberg host (see below) to the ProxySG Policy (VPM or Local).
The Bloomberg client initiates a SOCKS5 connection to the ProxySG SOCKS Proxy. The Bloomberg client then requests the SOCKS Proxy to create a UDP association which is used by the Bloomberg Client to send the UDP packet to the external host within the *.bloomberg.net network with a high port. The Proxy then relays the UDP traffic to the external host and port indicated on the SOCKS UDP associate packet.
The Firewall would need to allow traffic from the Proxy IP to the following list of networks, ports, and protocols. Take note that this list may change, and always refer to the document above which is provided by Bloomberg.
UDP Destination Ports
48129 - 48137
TCP Destination Ports
8194 – 8198
8209 – 8220
8290 – 8294
160. 43.250.0 using the subnet mask of 255.255.255.0
206.156. 53.0 using the subnet mask of 255.255.255.0
220.127.116.11 using the subnet mask of 255.255.255.0
208. 22. 56.0 using the subnet mask of 255.255.255.0
208. 22. 57.0 using the subnet mask of 255.255.255.0
18.104.22.168 using the subnet mask of 255.255.192.0