Infoblox Integration fails with Validation error

Article ID: 403027

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

The connection to the Infoblox server from the vRA node appears to be functional:

# curl -v https://<infoblox ip>:443

However, the Infoblox integration process in Aria Automation through a proxy server fails with the error message:

"Unable to validate the provided access credentials: Failed to validate credentials with error message: host='<Infoblox server ip>', port=443): Read timed out. (read timeout=30)\"))"
"Failed to validate credentials. Error: Execution of action Infoblox_ValidateEndpoint failed on provider side: Action run failed with the following error: "Infoblox HTTP request failed with: HTTPSConnectionPool(host='<IP of the infoblox host>', port=443): Max retries exceeded with url: /wapi/v2.7/networkview?_return_fields=name (Caused by ReadTimeoutError(\"HTTPSConnectionPool(host='<IP of the infoblox host>', port=443): Read timed out"

Environment

Aria Automation 8.18.x

 

Cause

When the Infoblox integration with Aria Automation is done through a proxy server, it looks for the Infoblox host IP in the proxy-exclude list, and if the IP is not there, the connection fails.

When the Infoblox integration is performed for the first time, the Infoblox host IP is typically not set in the proxy-exclude list. It needs to be added to the proxy-exclude list for the integration to succeed via the proxy server.

Resolution

To configure proxy settings and exclude specific destinations from being proxied in Aria Automation 8.x, use the vracli proxy set command.

  1. SSH to the vRA appliance node.
  2. Get the list of existing proxy-exclude values (IPs and/or FQDNs) of the internal websites with the command:

    vracli proxy show

    Example output:

    root@<aria-automation-machine-name> [ ~ ]# vracli proxy show
    {
        "config_timestamp": "1736200455",
        "enabled": true,
        ........
        "system-proxy-exclude": ".local,.localdomain,localhost,127.0.0.1,127.,kubernetes,.cluster.local, <domain>.svc.cluster.local,.prelude.svc.cluster.local,<Aria-automation-machine-name>.<domain>,.... followed by the list of existing IPs that are already in the system-proxy-exclude list
    .
  3. Add the Infoblox host IP to the proxy-exclude list with the command:

    root@<aria-automation-machine-name> [ ~ ]# vracli proxy set --proxy-exclude ".local,.localdomain,localhost,127.0.0.1,127.,kubernetes,.cluster.local, svc.cluster.local,.prelude.svc.cluster.local,<Aria-Automation-machine-name>.<domain>,<IP of the Infoblox server host>,.... the list of existing IPs that are already in the system-proxy-exclude list,<Infoblox-Host-IP>"
  4. Apply the proxy-exclude settings, which now include the Infoblox host IP, with the command:

    root@<Aria-Automation-machine-name> [ ~ ]# vracli proxy apply
    ==> Applying the latest configuration changes
    Updating etcd with internet.proxy.scheme configuration ... Done
    Updating etcd with internet.proxy.host configuration ... Done
    Updating etcd with internet.proxy.port configuration ... Done
    .
    .
    Updating etcd with internet.proxy.java-proxy-exclude configuration ... Done
    Updating etcd with curl.proxy.https-proxy configuration ... Done
    Updating etcd with curl.proxy.proxy-exclude configuration ... Done
    Updating etcd with internal.proxy.config configuration (default) ... Done
    ==> Restarting proxy pod: proxy-service , please wait ...
    ==> The internal proxy was restarted.
  5. Retry the Infoblox integration process in Aria Automation Assembler with the Infoblox host IP.
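
Steps 2 and 3 can be scripted so that no existing entry is lost or duplicated when the list is rebuilt. The following is an added example, not part of the original article or of VMware/Broadcom tooling; it assumes vracli proxy show prints JSON with a "system-proxy-exclude" string as in the sample output above, and the function name, sample JSON and 192.0.2.x addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not VMware/Broadcom code). Assumes `vracli proxy show` prints
# JSON with a "system-proxy-exclude" string, as in the article's sample output.

# merge_proxy_exclude JSON HOST -> existing list plus HOST, de-duplicated.
merge_proxy_exclude() {
    json=$1
    host=$2
    # Accept only characters valid in an IPv4 address or hostname, so nothing
    # that could break the quoted argument (commas, spaces, quotes) gets in.
    case $host in
        ''|*[!A-Za-z0-9.-]*) echo "invalid host: $host" >&2; return 2 ;;
    esac
    current=$(printf '%s\n' "$json" |
        sed -n 's/.*"system-proxy-exclude"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' |
        head -n 1)
    if [ -z "$current" ]; then
        echo "system-proxy-exclude not found; refusing to build a list" >&2
        return 1
    fi
    # Split on commas, trim blanks, drop empty and repeated entries, rejoin.
    printf '%s,%s\n' "$current" "$host" | tr ',' '\n' |
        sed 's/^[[:space:]]*//; s/[[:space:]]*$//' |
        awk 'NF && !seen[$0]++' | paste -sd, -
}

# Constructed sample input; 192.0.2.x are documentation addresses.
SAMPLE_SHOW='{
    "config_timestamp": "1736200455",
    "enabled": true,
    "system-proxy-exclude": ".local,.localdomain,localhost,127.0.0.1,127.,kubernetes,.cluster.local, .svc.cluster.local,192.0.2.10"
}'

# On the appliance, replace the sample with live output:
#   new_list=$(merge_proxy_exclude "$(vracli proxy show)" "<Infoblox-Host-IP>")
# The command is printed for review rather than executed.
new_list=$(merge_proxy_exclude "$SAMPLE_SHOW" "192.0.2.53") &&
    printf 'vracli proxy set --proxy-exclude "%s"\n' "$new_list"
```

Review the printed command against the current list before running it, then continue with vracli proxy apply as in step 4.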

Additional Information

In a proxy server configuration, the proxy-exclude setting, often referred to as proxy exclusions or bypasses, allows you to specify certain websites, domains, or IP addresses that should bypass the proxy server and connect directly to the internet. This is useful for improving performance, accessing internal network resources, or handling specific types of traffic that don't require proxy processing.

When a user attempts to access a resource, the proxy server checks if it's on the exclusion list. If it is, the connection is established directly with the destination, bypassing the proxy.