CE 566 issue after putting outgoing origin-server

Unanswered Question
Jun 3rd, 2008
User Badges:
  • Bronze, 100 points or more

Dear Experts ,


I have one CE 566 for my internal users . Previously we were putting ISP parent proxy , but they told us that that proxy will not be no more and you have to put the traffic to go diarectly.


I did the config, but the browsinbg is not working without outgoing proxy . Is there is anything mess up with my config ? Please help


-------------------------------

sh run


! ACNS version 5.2.3

!

device mode content-engine

!

!

hostname CE-566-Proxy2-1

!

http serve-ims text 98 binary 98

http dns-cache size 4096

http append x-forwarded-for-header

http cache-authenticated basic

http cache-authenticated ntlm

http cache-cookies

http client-no-cache-request ignore

http cache-on-abort enable

http cache-on-abort max-threshold 5000

http proxy incoming 80

http proxy outgoing origin-server

hhttp l4-switch enable

http cache-vary-user-agent enable

http smart-range enable

http destination-port allow 90

!

ftp proxy incoming 80


!

!

!

!

ip domain-name test.com

!

!

!

gui-server secure port 8080

!

https proxy incoming 80

http proxy outgoing origin-server


!

!

interface GigabitEthernet 1/0

ip address 172.16.5.7 255.255.255.0

exit

interface GigabitEthernet 2/0

shutdown

exit

!

!

ip default-gateway 172.16.5.1

!

!

!

!

no auto-register enable

!

!

!

!

ip name-server 172.17.4.13

!

!

!

!

!

!

!

!

!

!

!

!

!

!

websense-server service policy remote host 172.17.0.121

!

!

!

!

username admin password 1 *****

username admin privilege 15

!

!

!

!

!


!

!

url-filter http websense server 172.17.0.121

url-filter http websense enable

!

!

!

!

!

!

!

! End of ACNS configuration


CE-566-Proxy2-1#

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
dstolt Tue, 06/03/2008 - 16:46
User Badges:
  • Cisco Employee,

Haris,


Are your websense servers working correctly? "http proxy outgoing origin-server" is used as a fail-over mechanism if the rest of your outgoing proxies fail. I don't see any other proxies configured, so I don't see anything that would direct your outgoing traffic other then the default gateway. Is there another device intercepting the traffic?


You may want to consider looking at a newer version of ACNS, however I can't make a recommendation on the code version, and if it's working OK, you may want to stick with what you have.


Dan

Actions

This Discussion