Cisco Cisco Web Security Appliance S690 User Guide
C O N F I G U R I N G T H E W E B P R O X Y
C H A P T E R 5 : W E B P R O X Y S E R V I C E S
71
4. Configure the basic and advanced Web Proxy settings defined in Table 5-1.
Table 5-1 Web Proxy Settings
Property
Description
HTTP Ports to Proxy
Enter which ports the Web Proxy monitors for HTTP requests.
Default is 80 and 3128.
Default is 80 and 3128.
Caching
Choose whether or not the Web Proxy should cache requests and
responses.
Default is enabled.
responses.
Default is enabled.
Proxy Mode
Choose how to deploy the Web Proxy:
• Transparent mode. Clients applications are unaware of the Web
• Transparent mode. Clients applications are unaware of the Web
Proxy and do not have to be configured to connect to the proxy. In
transparent mode, the Web Proxy can accept both transparently
redirected and explicitly forwarded connections.
For more information, see “Deploying the Web Proxy in
Transparent Mode” on page 34.
transparent mode, the Web Proxy can accept both transparently
redirected and explicitly forwarded connections.
For more information, see “Deploying the Web Proxy in
Transparent Mode” on page 34.
• Explicit forward mode. Client applications, such as web browsers,
are aware of the Web Proxy and must be configured to point to a
single Web Security appliance. In explicit forward mode, the Web
Proxy can only accept explicitly forwarded connections.
For more information, see “Deploying the Web Proxy in Explicit
Forward Mode” on page 33.
single Web Security appliance. In explicit forward mode, the Web
Proxy can only accept explicitly forwarded connections.
For more information, see “Deploying the Web Proxy in Explicit
Forward Mode” on page 33.
IP Spoofing
Choose whether or not the Web Proxy should spoof IP addresses
when sending requests to upstream proxies and servers.
When the Web Proxy is deployed in transparent mode, you can
enable IP spoofing for transparently redirected connections only or all
connections (transparently redirected and explicitly forwarded).
When IP spoofing is enabled, requests originating from a client retain
the client’s source address and appear to originate from the client
rather than from the Web Security appliance.
Note: When IP spoofing is enabled and the appliance is connected to
a WCCP router, configure a WCCP service to redirect the return path.
when sending requests to upstream proxies and servers.
When the Web Proxy is deployed in transparent mode, you can
enable IP spoofing for transparently redirected connections only or all
connections (transparently redirected and explicitly forwarded).
When IP spoofing is enabled, requests originating from a client retain
the client’s source address and appear to originate from the client
rather than from the Web Security appliance.
Note: When IP spoofing is enabled and the appliance is connected to
a WCCP router, configure a WCCP service to redirect the return path.