Skip to main content
McAfee Enterprise MVISION Cloud

Redirect only Skyhigh Private Access Traffic

You can redirect only selected traffic (traffic from the private application) and bypass other internet traffic.

  1. On the Skyhigh CASB navigation bar, settings.
  2. Select Infrastructure | Client Proxy Management.
  3. In the policy tree, select Proxy Servers.
  4. Click the highlighted menu icon (...) next to the branch, then select Add New Proxy Server.
  5. Provide a name for the proxy server.
  6. From the Add Proxy drop-down list, select Add Inline, and complete the following:
    • Proxy Hostname or IPv4 Address — Enter direct.mcp as the proxy server name. Select this server as the primary proxy server.
      NOTE: The primary proxy server list should have only one proxy server, which is direct.mcp. This configuration is applicable only when you want to redirect the selected traffic to the alternate proxy server and bypass the rest of the traffic.
    • Listening Port — Provide the port number of the proxy server.
    • Non-HTTP Listening Ports (Optional) — Specifies the port numbers of protocols other than HTTP/HTTPS whose traffic you want redirected. Verify that the proxy server supports these protocols. You can enter comma-separated port values up to 1024 characters in this field.
    • Redirect Ports 80 & 443 — Select Redirect to redirect traffic sent to ports 80 and 443 to a proxy server.
  7. Click Save.
    You can publish saved changes to the cloud now or keep working and publish later.
  8. In the policy tree, select Configuration Policies.
    • Click the highlighted menu icon (...) next to the branch, then select Create New Policy or select an existing policy.
    • Provide the policy name for the new policy.
  9. Select a proxy server from the Primary Server (Required) and Alternate Server.
    NOTE: Make sure to select direct.mcp as the primary proxy server. You can select the default server as the alternate proxy server or add a new proxy server and set it as an alternate proxy server.
  10. Click the List Redirection tab.
  11. Select Send traffic for these IP Addresses to the alternate proxy server to open IP Address to send to alternate proxy.
  12. From the Add IP Address drop-down list, select Add Inline, and complete the following:
    • IP Address — Enter the IP range as 100.64.0.0/16, which is used for private application traffic with hostname.
    • Comment — Enter additional information.
    • + — Click this and add the IP address of the private application.
      NOTE: Perform this step when you want to add one or more private applications with a specific IP address.
    • OK — Click OK to save the changes.
  13. Select Send traffic for these domains to the alternate proxy server to open Domain to send to alternate proxy.
    • From the Add Domain drop-down list, select Add Inline, and complete the following:
      • Domain — Enter mcafee‑cloud.com as the domain name.
      • Comment — Enter additional information.
      • OK — Click OK to save the changes.
  14. Click the Admin tab.
  15. Click List of configured ports to redirect as HTTP/HTTPS traffic to open Ports to redirect as HTTP/HTTPS.
    • From the Add Port drop-down list, click Inline, and complete the following:
      • Port — Specify the port of the private application.
      • Send to Alternate Proxy — Select this checkbox to redirect all traffic from specified ports to an alternate server.
      • Comment — Enter additional information.
      • OK — Click OK to save the changes.

You can publish saved changes to the cloud now or keep working and publish later.

  • Was this article helpful?