How to tap non SSL traffic on Edge SWG
search cancel

How to tap non SSL traffic on Edge SWG

book

Article ID: 372222

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

Requirement to tap non-ssl traffic from Edge SWG to ensure traffic is copied passively to any network analysis tool

Resolution

Requirement:
SGOS version 7.x

Configuration Steps
Proxy Configuration:

  1. Connect the proxy port directly to the tapping device.
  2. Forward the tapped traffic to the interface id

Policy Configuration:

  1. Browse to Configuration > Policy > Policy Files.
  2. Select Install Local File from:
  3. Select Text Editor.
  4. Click Install.
  5. Select the Append CPL Code (below).
  6. Click Install.
  7. Click Close.
      <proxy>
          client.connection.tap(no | interface)
      <proxy>
          server.connection.tap(no | interface)

Here:

  • no -> Disable tap of client-side traffic.
  • interface -> Specify the interface for tapped content on the client side. The form is adapter:interface.


Verification:
Initiate an encrypted traffic toward the ProxySG appliance using a different machine by going to any HTTP site (http://example.com, in this example).
If all works fine, the traffic can be observed on the capture:


Powered by Wolken Software