Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Configure Servers for ICAP Communication

  1. Last updated
  2. Save as PDF

Configure servers for communication with clients under ICAP in each of the two ICAP modes.

When a Web Gateway appliance connects as an ICAP client to an appliance that takes the role of an ICAP server, it selects this server from a list that you must configure.

You must specify IP addresses or fully qualified domain names for them and complete this for both the REQMOD and the RESPMOD mode.

NOTE: A Web Gateway appliance that takes the ICAP server role must be configured in explicit proxy or Proxy HA (High Availability) mode. The Transparent Router and Bridge modes are not supported here.

When the Proxy HA (High Availability) mode is configured for an ICAP server, the virtual IP address that is specified here must also be configured as IP address for this server on the ICAP client, both within the REQMOD and RESPMOD parts.

The server port must be the one that you have also configured for this server in the ICAP Server settings.

  1. On a Web Gateway appliance that you want to act as an ICAP client, implement the ICAP Client rule set.
    1. Import the ICAP Client rule set from the library.
    2. Select Policy | Rule Sets, then click ICAP Client.
  2. Configure servers that communicate with the clients in REQMOD mode.
    1. Click Edit next to ReqMod server.
      The Edit List (ICAP Server) window opens.
    2. Under List Content, click Add.
      The Add ICAP Server window opens.
    3. In the URI field under ICAP Server, specify a server.

      Type the IP address or the fully qualified domain name of a server, followed by the ICAP mode. Optionally, you can add a port. If you add no port, the default port 1344 is configured.

      The syntax for specifying this information is displayed above the field. For example, you can type one of the following strings:
      • icap://10.213.246.89/reqmod
      • icap://10.213.246.89:1346/reqmod
      • icap://test-icap.micmwg.com/reqmod
      • icap://test-icap.micmwg.com:1346/reqmod

        You can add more than one server to the list. Web Gateway tries the listed servers in round-robin mode until a connection is established.
    4. Click OK in each of the two open windows.
       
  3. Configure servers that communicate with the clients in RESPMOD mode.
    1. Click Edit next to RespMod server.
    2. Proceed in the same way as for the RESPMOD mode while specifying respmod for the ICAP mode.
  4. Click Save Changes.
  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    This page has no tags.