cancel
Showing results for 
Search instead for 
Did you mean: 
elfrank0
Level 8

Web Gateway Reverse Proxy remove VIA Header

Jump to solution

Hi,
I have set up a Web Gateway version 7.3.2.10 as a reverse proxy. The actual proxy is working as I expect.
The setup is the Gateway sits behind a Cisco ASA and is Natted through to a DMZ IP Address.

The problem I am currently encountering is if you telnet to the live IP on port 80 and type get http <enter>

400 badrequest

Via: 1.0 AA.BB.CC.DD (McAfee Web Gateway 7.3.2.10.0.17592)

Connection: Close

Content-Type: text/html

Cache-Control: no-cache

Content-Length: 2507

The first lines of the response give the internal IP Address (which I am trying to Stop)

I thought it would be as simple as adding a rule that created an event to remove the Header VIA. I have done this and that hasn't worked.

I have moved the rule to various different points in the ruleset and re tested to no avail.

I am relatively new to these thing and find them good but frustrating. But I am getting better

Does anyone have any ideas as the best way to do this.

I am hoping to get it to return something like this:
Via: 1.0 Computer says NO

or nothing

I was thinking that creating a rule based upon connecting to the IP, without a hostname but unsure of the best way to structure the rule.

URL=AA.BB.CC.DD then block with an event of Header.remove "VIA"

Am i on the right lines or way off the mark?

Thanks in advance for any help

Best Regards


Elfrank0

0 Kudos
1 Solution

Accepted Solutions
elfrank0
Level 8

Re: Web Gateway Reverse Proxy remove VIA Header

Jump to solution

Well I have now resolved the issue, and whilst the reply from Jon was very useful adding the rule made no change

However within the Configuration -> proxies there is a little tick box that is ticked "Add Via HTTP Header"
Once I removed that from both Gateways in the cluster it fixed the issue.

I have included an image to assist. And I hope it helps someone else in the future


Best Regards, and thanks

Elfranko

screenshotfdb.jpg

Message was edited by: elfrank0 on 16/06/14 03:07:44 CDT
0 Kudos
3 Replies
McAfee Employee

Re: Web Gateway Reverse Proxy remove VIA Header

Jump to solution

Hi Elfrank,

Please see our best practice on the matter, it includes a ruleset you can use to accomplish this:

https://community.mcafee.com/docs/DOC-4816

Best,

Jon

philiprey
Level 10

Re: Web Gateway Reverse Proxy remove VIA Header

Jump to solution

Hi Jon,

Thanks for the info about that doc.

A novice question here,

Just wondering what causes the proxy loop in the first place? I understood that this can occur when there is proxy chaining in place since proxies forward request back and forth causing a loop.

How about with a single proxy, what causes it to forward the request to itself? Does this happen only to blocked sites?

Regards,

philiprey

0 Kudos
elfrank0
Level 8

Re: Web Gateway Reverse Proxy remove VIA Header

Jump to solution

Well I have now resolved the issue, and whilst the reply from Jon was very useful adding the rule made no change

However within the Configuration -> proxies there is a little tick box that is ticked "Add Via HTTP Header"
Once I removed that from both Gateways in the cluster it fixed the issue.

I have included an image to assist. And I hope it helps someone else in the future


Best Regards, and thanks

Elfranko

screenshotfdb.jpg

Message was edited by: elfrank0 on 16/06/14 03:07:44 CDT
0 Kudos