cancel
Showing results for 
Search instead for 
Did you mean: 
franks
Level 7

Send group information to next hop proxy

Hi,

we plan to use a (first) MWG 7.2 for authentication and logging and then send all the traffic to another (second, next hop) MWG 7.2 where filtering and scaning will be done.

It's also requried to have different regulations for users, depending on which AD groups they are members of.

Authentication is done by using NTLM and an Active Directory.

I've already implemented the "Get Group Membership from Downstream Proxy" on the second MWG, which should work if the first MWG would send the group information to the second MWG...

Documentation only says it assumes that the first proxy is already configured to send group memberships in a "X-Autrhenticated-Groups" header,

How can I configure this?

Thx, frank

0 Kudos
2 Replies
eelsasser
Level 15

Re: Send group information to next hop proxy

Try something like this:

Capture.jpg

0 Kudos
asabban
Level 17

Re: Send group information to next hop proxy

Hello,

I added the screenshot to the rule set documentation. I think it may help to at least show an example, even if the exact setup is not described in that document.

Thank you,

Andre

0 Kudos