3 Replies Latest reply on Jun 16, 2014 3:07 AM by elfrank0

    Web Gateway Reverse Proxy remove VIA Header

    elfrank0

      Hi,
      I have set up a Web Gateway version 7.3.2.10 as a reverse proxy. The actual proxy is working as I expect.
      The setup is the Gateway sits behind a Cisco ASA and is Natted through to a DMZ IP Address.

      The problem I am currently encountering is if you telnet to the live IP on port 80 and type get http <enter>

       

       

      400 badrequest

      Via: 1.0 AA.BB.CC.DD (McAfee Web Gateway 7.3.2.10.0.17592)

      Connection: Close

      Content-Type: text/html

      Cache-Control: no-cache

      Content-Length: 2507

       

      The first lines of the response give the internal IP Address (which I am trying to Stop)

       

      I thought it would be as simple as adding a rule that created an event to remove the Header VIA. I have done this and that hasn't worked.

      I have moved the rule to various different points in the ruleset and re tested to no avail.

       

      I am relatively new to these thing and find them good but frustrating. But I am getting better

       

      Does anyone have any ideas as the best way to do this.

       

      I am hoping to get it to return something like this:
      Via: 1.0 Computer says NO

      or nothing

       

      I was thinking that creating a rule based upon connecting to the IP, without a hostname but unsure of the best way to structure the rule.

       

      URL=AA.BB.CC.DD then block with an event of Header.remove "VIA"

       

      Am i on the right lines or way off the mark?

       

      Thanks in advance for any help

       

      Best Regards

       


      Elfrank0