Cisco Cisco Web Security Appliance S670 User Guide
90
I R O N P O R T A S Y N C O S 6 . 3 F O R W E B U S E R G U I D E
A D V A N C E D P R O X Y C O N F I G U R A T I O N
AsyncOS includes the
advancedproxyconfig
CLI command so you can configure more
advanced Web Proxy configurations, such as authentication and DNS parameters.
The
advancedproxyconfig
command includes the following subcommands:
• Authentication. Configure authentication parameters, such as the number of outstanding
concurrent Basic or NTLMSSP authentication requests to be authenticated by the
authentication server and whether or not to log the username that appears in the request
URI. You can also use the
authentication server and whether or not to log the username that appears in the request
URI. You can also use the
authentication
subcommand to enable the user
acknowledgment page. For more information about the user acknowledgment page, see
“Proxy Usage Agreement” on page 82.
“Proxy Usage Agreement” on page 82.
• Caching. Configure advanced Web Proxy caching options, such as:
• Whether or not to ignore client requests to not retrieve content from the proxy cache
• Whether or not to cache content from an untrusted server
You can configure the parameters separately by selecting “Customized Mode,” or you can
choose a predefined set of parameter values. You can choose the following modes:
choose a predefined set of parameter values. You can choose the following modes:
• Safe mode. This mode uses less caching.
• Optimized mode. This mode uses moderate caching.
• Aggressive mode. This mode uses aggressive caching.
• DNS. Configure DNS-related options, such as the time to cache results of DNS errors and
whether or not the Web Proxy should issue an HTTP 302 redirection on DNS lookup
failure.
failure.
• NATIVEFTP. Configure the FTP Proxy settings, such as the port ranges to use for active and
passive mode and the type of authentication to use for explicit forward connections.
Applies to native FTP transactions only. For more information on configuring the FTP
Proxy, see “Configuring FTP Proxy Settings” on page 76.
Applies to native FTP transactions only. For more information on configuring the FTP
Proxy, see “Configuring FTP Proxy Settings” on page 76.
• FTPOVERHTTP. Configure the login name and password to use for anonymous FTP access
and whether or not to allow active mode for FTP transfers. Applies to FTP over HTTP
transactions only.
transactions only.
• HTTPS. Configure the logging style for URIs used in HTTPS transactions. You can choose
to record the full URI (“fulluri”) or just a portion of the URI with the query portion
removed (“stripquery”).
removed (“stripquery”).
• WCCP. Configure the amount of logging detail to use to debug WCCP related issues.
• Miscellaneous. Configure whether or not the Web Proxy should respond to health checks
from L4 switches and whether or not the Web Proxy should perform dynamic adjustment
of TCP receive window sizes.
of TCP receive window sizes.
Each submenu command is discussed in the detail tables below. For the Default Value
column, a string means a name or list of characters such as “hello world.”
column, a string means a name or list of characters such as “hello world.”