Cannot SCP files from ProxySG into CASB device logs
search cancel

Cannot SCP files from ProxySG into CASB device logs

book

Article ID: 245148

calendar_today

Updated On:

Products

Cloud Secure Web Gateway - Cloud SWG CASB Audit ISG Proxy

Issue/Introduction

WSS logs ingested into CASB without any problems but ProxySG logs cannot be updated into CASB.

PCAPs indicate traffic leaving the internal network but TCP connection fails to establish correctly with CASB.

WSS integrated with on-prem ProxySG and with CASB.

Cause

Configuration issues with CASB IP address whitelisting and ProxySG UI limitations.

Resolution

Multiple tasks need to be completed from the ProxySG to upload files to CASB reporting successfully:

  1. Make sure that firewall rules where Proxy egresses out of allows TCP 22 to the CASB reporting endpoints
  2. Make sure that the CASB whitelisted IP address for SCP communication matches the ProxySG egress IP address
  3. Configure the ProxySG settings from the CLI and not the UI (SSH keys can be generated via the UI). This is the key part as the info key endpoint info from the CASB side was truncated when adding via the ProxySG UI - username with underscores were also not allowed. These limitations do not exist with CLI.
Powered by Wolken Software