cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
978
Views
0
Helpful
1
Replies
praveen.ghimire
Beginner

Cisco Ironport S160 Port forwarding

Hi,

We've got a device within the network which needs to send data out to a website on port 5009. We've setup the following to allow the traffic

- Identity with the interal IP as  member and bypass the proxy (the device can only be configured with the Proxy IP and port, no logins)

- Added Port 5009 n HTTP Ports to Proxy

- Added the destination IP n L4 Traffic allow list

We are still not able to route the traffic.

We then tried to get the traffic coming in the other way. We've asked the ISP to put in a port forwarding to forward traffic on Port 5019 to the device. This is also not working. We can get to the device on the internal Port without any issues. The question does the IronPort need to be configured to allow the traffic coming in? We dont have any other incoming port forwarded traffic.

1 REPLY 1
Christian Rahl
Beginner

Hello,

I will need a quick explanation on how your environment is laid out for your Web Content Appliance.

1. Is your proxy transparent or explicitly proxied? Do you have multiple proxies that you are load balancing?

2. If it is explicit, do you use a PAC file or is the proxy configured in the network configuration?

3. If it is transparent, what do you use to redirect traffic? Is it wccp or L4 redirection? What kind of device are you using to redirect traffic? ASA, Catalyst, Nexus, something else?

4. Is there any third party devices being used between the proxy and the clients or between the proxy and the outside world?

5. What are your authentication requirements? How are you authenticating them (NTLMSSP, TUI, or Basic)?

Thank you for answering these questions.

Christian Rahl

Customer Support Engineer

Cisco Web Content Security Appliance

Cisco Technical Assistance Center RTP

Create
Recognize Your Peers
Content for Community-Ad