cancel
Showing results for 
Search instead for 
Did you mean: 
PhilM
Level 14

Web Gateway 7 - Send specific URLs to upstream proxy

One of my customers has just asked a question, but as my colleague (who deals both with this customer and  WebGateway more than I do) is not immediately available I thought I'd ask the question here.

The customer is currently running an older appliance with Web Gateway 6.x running on it. A proposal is being put forward to replace the hardware and, in doing so, introduce this customer to version 7.

In his current v6 configuration he explains that he has a number of 'rules' configured which look out for specific URL reqests from users and when a URL is matched instead of sending the connection out via the default gateway it is sent to an explicit upstream proxy device (which is connected to a different network).

The question is simple; does this functionality still exist in version 7?

Many Thanks

-Phil.

0 Kudos
5 Replies
eelsasser
Level 15

Re: Web Gateway 7 - Send specific URLs to upstream proxy

Yes, it's very easy to do.

Just create a rule that says if URL matches in list "listname"

Enable next-hop proxy event.

It will hop only for the URL that match.

adamft
Level 7

Re: Web Gateway 7 - Send specific URLs to upstream proxy

Hi,

I'm the colleague who deals with the customer, and the WebGateway product. I'm setting this up on-site and seem to have run into a bit of a problem...  When I first implemented this it all seemed to work fine, but on closer investigation, it seems that it only works for plain HTTP URL's, all the HTTPS requests are not matching, and don't re-direct.  Do I have to de-crypt for this to work?  On the old Version 6 product both plain and encrypted sessions worked fine?

Adam Thompson

0 Kudos
asabban
Level 17

Re: Web Gateway 7 - Send specific URLs to upstream proxy

Hi Adam,

usually the URL should be part of the CONNECT request done with HTTPS and the properties should be fille the same way for HTTP and HTTPS. What do you see in the logs?

If you are running in transparent mode it may happen that MWG only sees the IP address of a request (can be seen in the access.log). Then a "URL = www.google.com" criteria won´t match.

Best,

andre

0 Kudos
adamft
Level 7

Re: Web Gateway 7 - Send specific URLs to upstream proxy

Andre,

Brilliant...  I was matching on "http://<URL.to.redirect>" and "https://<url.to.redirect>" but of course the CONNECT option contains neither of those just the host!  I've added a 'url.host' match and put them in there and all seems to know be working!

Thanks for the hint.

Adam

0 Kudos
asabban
Level 17

Re: Web Gateway 7 - Send specific URLs to upstream proxy

Hey Adam,

thank you for the feedback. I am glat that it works now :-)

Best,

Andre

0 Kudos