SSH OVER HTTP PROXY WSA

cisco.13 · ‎04-11-2024

Hello,

A client is trying to SSH through the HTTP proxy (WSA), it works but the response times are huge.

ssh_args = -C -o "ProxyCommand=nc -X connect -x proxy-http:8080 %h %p"

It serves its purpose. HTTP proxy isn't designed for that, but has anyone tried it with a different utility or method?

Thank you

fw_mon · ‎04-11-2024

have you tried to disable all security profile for the destinatiton?

Another alternative would be to enable SOCKS proxy and try:

ProxyCommand /usr/bin/nc -X 5 -x wsa.example.com:1080 %h %p

cisco.13 · ‎04-12-2024

Hello @fw_mon, Thank you for your reply
Yes, I bypasses security scanning
SOCKS not enabled in my proxy, I'm looking at this option
Thank you

fw_mon · ‎04-12-2024

you can also create a packet capture to see what causes the latency. In the packet caputure filter select in and out interfaces and use a filter to capture both the client and the ssh host:

host 10.20.30.40 and host 192.168.1.2

cisco.13 · ‎04-16-2024

Hello @fw_mon, no, not better with SOCKS!
I don't see how packet capture can help me?

fw_mon · ‎04-16-2024

if you open the packet capture file with Wireshark you can see if the proxy causes the latency

amojarra · ‎04-19-2024

@cisco.13

As mentioned, WSA is just HTTP/HTTPS/FTP proxy. so for other protocols we do not support.

Regards,

Amirhossein Mojarrad

+++++++++++++++++++++++++++++++++++++++++++++++++++

++++ If you find this answer helpful, please rate it as such ++++

+++++++++++++++++++++++++++++++++++++++++++++++++++

Regards,
Amirhossein Mojarrad
+++++++++++++++++++++++++++++++++++++++++++++++++++
++++ If you find this answer helpful, please rate it as such ++++
+++++++++++++++++++++++++++++++++++++++++++++++++++

SSH OVER HTTP PROXY WSA

Cisco WSA https proxy

[WSA-Training] Bypass Microsoft Updates Traffic

WSA HTTP Rangeリクエストの扱いについて

FirePOWER: ASDM: HTTP Proxyの有効化方法

WSA PROXY S190(PATCHING)