Cisco Cisco Web Security Appliance S670 User Guide
4-8
AsyncOS 9.1 for Cisco Web Security Appliances User Guide
Chapter 4 Intercepting Web Requests
Web Proxy Options for Intercepting Web Requests
Step 4
If you chose option 4 (Customized mode), enter values (or leave at the default values) for each of the
custom settings.
custom settings.
Step 5
Press Enter until you return to the main command interface.
Step 6
Commit your changes.
Related Topics
•
.
Web Proxy IP Spoofing
When the web proxy forwards a request, it changes the request source IP address to match its own
address by default. This increases security, but you can change this behavior by implementing IP
spoofing, so that requests retain their source address and appear to originate from the source client rather
than from the Web Security appliance.
address by default. This increases security, but you can change this behavior by implementing IP
spoofing, so that requests retain their source address and appear to originate from the source client rather
than from the Web Security appliance.
IP spoofing works for transparent and explicitly forwarded traffic. When the Web Proxy is deployed in
transparent mode, you have the choice to enable IP spoofing for transparently redirected connections
only or for all connections (transparently redirected and explicitly forwarded). If explicitly forwarded
connections use IP spoofing, you should ensure that you have appropriate network devices to route return
packets back to the Web Security appliance.
transparent mode, you have the choice to enable IP spoofing for transparently redirected connections
only or for all connections (transparently redirected and explicitly forwarded). If explicitly forwarded
connections use IP spoofing, you should ensure that you have appropriate network devices to route return
packets back to the Web Security appliance.
When IP spoofing is enabled and the appliance is connected to a WCCP router, you must configure two
WCCP services: one based on source ports and one based on destination ports.
WCCP services: one based on source ports and one based on destination ports.
Related Topics
•
.
•
.
Web Proxy Custom Headers
You can add custom headers to specific outgoing transactions to request special handling from
destination servers. For example, if you have a relationship with YouTube for Schools, you can use a
custom header to identify transaction requests to YouTube.com as coming from your network and as
requiring special handling.
destination servers. For example, if you have a relationship with YouTube for Schools, you can use a
custom header to identify transaction requests to YouTube.com as coming from your network and as
requiring special handling.
Adding Custom Headers To Web Requests
Step 1
Access the CLI.
Step 2
Use the
advancedproxyconfig
->
customheaders
commands to access the required submenus:
example.com> advancedproxyconfig
Choose a parameter group:
- AUTHENTICATION - Authentication related parameters
- CACHING - Proxy Caching related parameters
- DNS - DNS related parameters
- EUN - EUN related parameters
- NATIVEFTP - Native FTP related parameters