Cisco Cisco Web Security Appliance S170 Guía Del Usuario
5-6
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 5 Web Proxy Services
Custom Headers
Step 5
Submit and commit your changes.
Custom Headers
You can add custom headers to specific outgoing transactions to request special handling of your
outgoing requests by specific domains. For example, if you have a relationship with YouTube for
Schools, you can use a custom header to identify transaction requests to YouTube.com as coming from
your network and requiring special handling.
outgoing requests by specific domains. For example, if you have a relationship with YouTube for
Schools, you can use a custom header to identify transaction requests to YouTube.com as coming from
your network and requiring special handling.
You can log custom headers in the access log for troubleshooting purposes.
Related Topics
•
•
•
Generate Headers
•
X-Forwarded-For. Choose whether or not to forward HTTP
“X-Forwarded-For” headers. Default is Do Not Send.
Note: If the network contains an explicit forward upstream proxy that
manages user authentication or access control using proxy
authentication, you must enable the X-Forwarded-For header to send
the client host header to the upstream proxy.
“X-Forwarded-For” headers. Default is Do Not Send.
Note: If the network contains an explicit forward upstream proxy that
manages user authentication or access control using proxy
authentication, you must enable the X-Forwarded-For header to send
the client host header to the upstream proxy.
•
VIA. Choose whether or not to forward HTTP “VIA” headers in
HTTP requests from clients and HTTP responses from servers.
Default is Send.
HTTP requests from clients and HTTP responses from servers.
Default is Send.
Use Received Headers
Check the Enable Identification of Client IP Addresses using
X-Forwarded-For check box if the appliance has been deployed as an
upstream proxy and you want it to identify clients using the IP address
specified in the X-Forwarded-For header instead of the IP address from the
downstream proxy. You should only enable this option when the appliance
receives client requests from a trustworthy downstream proxy or load
balancer.
X-Forwarded-For check box if the appliance has been deployed as an
upstream proxy and you want it to identify clients using the IP address
specified in the X-Forwarded-For header instead of the IP address from the
downstream proxy. You should only enable this option when the appliance
receives client requests from a trustworthy downstream proxy or load
balancer.
When you enable this option, enter the IP address of a downstream proxy
or load balancer. You cannot enter subnets or hostnames. Click Add Row
to add more than one IP address. The Web Proxy will not accept the IP
address in a X-Forwarded-For header from a machine that is not included
in the list.
or load balancer. You cannot enter subnets or hostnames. Click Add Row
to add more than one IP address. The Web Proxy will not accept the IP
address in a X-Forwarded-For header from a machine that is not included
in the list.
Note
You can display the downstream IP address in the access logs using
the %XV custom format specifier, and in the W3C access logs
using the x-request-source-ip variable.
the %XV custom format specifier, and in the W3C access logs
using the x-request-source-ip variable.
Table 5-1
Web Proxy Settings (continued)
Property
Description