About the Transparent Proxy with L2 Transparent Mode

Last updated
Save as PDF

When setting up a proxy on a Web Gateway appliance, you can configure it to run in Transparent Proxy mode and use the L2 (Layer 2) transparent method to redirect web traffic from the clients to Web Gateway.

Alternatively, you can redirect web traffic using WCCP (Web Cache Communication Protocol). You can also configure and use both methods at the same time.

Configure the Transparent Proxy with L2 transparent mode

Configure the Transparent Proxy mode for proxies that run on Web Gateway and use the L2 (Layer 2) transparent method to redirect web traffic sent by clients.

Select Configuration | Appliances.
On the appliances tree, select the appliance where you want to configure the Transparent Proxy with L2 transparent mode. Then click Proxies.
Under Network Setup, select Proxy (optional WCCP).
The Transparent Proxy settings appear.
Select L2 transparent.
The Port redirects list appears.
Add entries for port redirects to this list as needed.
1. Click the Add icon.
  The Add Proxy Port Redirects window opens.
2. Use the options in this window to create and add list entries.
  Each entry specifies particular ports that web traffic was originally directed to and the ports on the proxy that this traffic is redirected to.
Click Save Changes.

Web traffic coming in from the clients is now redirected under the L2 transparent method to the ports that you configured.

Transparent Proxy settings (for use with L2 transparent)

Settings for the Transparent Proxy mode when using the L2 transparent method to redirect web traffic

Option

Definition

Supported client redirection methods

Lets you select a method for redirecting web traffic.

WCCP — When selected, HTTP client requests sent to web servers under IPv4 and IPv6 are intercepted by an additional network device and redirected to the appliance using the Web Cache Communication Protocol (WCCP).

The clients are not aware of the redirection, it remains transparent for them.

In the same way as for client requests, responses from web servers are directed back to the appliance.

When using the WCCP redirection method, you need to configure one or more WCCP services on the appliance to let them perform the redirection.

You also need to configure the network device that intercepts the client requests and server responses. This device can be configured as a router or switch with routing functions.

After selecting this option, the WCCP Services inline list appears for configuring and adding WCCP services.

NOTE: After selecting this option, the WCCP Services list appears below where you can configure and add WCCP services.
L2 transparent — When selected, client requests sent to a web server under IPv4 and IPv6 are intercepted by an additional network device and directed to the appliance using the Layer 2 redirection method.

Under this method, client requests are accepted on the appliance even if their destination IP addresses are not addresses of the appliance. The redirection is transparent to the clients.

You need to enter the original ports for those client requests that are to be intercepted and redirected in a list on the appliance together with the ports that these requests are redirected to.

The additional network device must be configured accordingly.

When this option is selected, requests can not be transmitted using a connection in active FTP mode. Only the passive FTP mode is then available.

NOTE: After selecting this option, the Port Redirects list appears below where you can configure and add port for redirecting web traffic.

The following table describes the fields of an entry in the list of port redirects for the L2 transparent redirection method.

Option	Definition
Original destination port	Specifies the port or ports that web traffic coming in from a client was originally directed to.
Destination port proxy	Specifies the port on the proxy that this traffic is redirected to.
Comment	Provides a plain-text comment on the redirection.