WSA HTTP redirection

Jeffrey Ness · ‎06-30-2011

I'm new to supporting IronPort WSA (but have experience with other products). I've noticed that with pretty much every request to the proxy (using explicit browser proxy settings) it redirects the client from the proxy port (3128) to the WSA hostname with some characters followed by the actual request. This seems to break a lot of things like the Bing accelerator in the address bar of Internet Explorer. A couple questions:

Is there any way to disable this redirection for the sites that it causes problems with (most proxy products have a way to bypass deep inspection for sites have HTTP compliance issues or problems with headers getting modified by the proxy). I can't seem to figure out how to do this in IronPort WSA even with an unauthenticated policy.

While the web proxy service ports are defined as 80 and 3128 if I use port 80 in the browser configuration, pages don't load. Is this normal that it redirects to port 80 without any regard for the port the proxy port used?

Tery Le Febvere · ‎07-01-2011

Hi Jeffrey,

My name is Tery and I am with IronPort Support Web team. Looks like you have issues with some sites did you verify the issue by looking at the accesslogs?

To grep the accesslogs do the following:

SSH into the WSA and run the following command from the CLI:

1. Grep

2. Enter the number of the log you wish to grep: 1 (for accesslogs)

3. Enter the regular expression to grep: client IP

4. Do you want this search to be case insensitive?: Y

5. Do you want to paginate the output?: N

https://supportforums.cisco.com/videos/1965

Copy and paste the logs here so we can figure out why this is happening.

Thanks,

Tery

Jeffrey Ness · ‎07-01-2011

Tery,

Thanks I'd looked at the logs. I found I didn't actually add api.bing.com (for the address bar search accelerator) to the authentication exempt URL category and once I did that the accelerator worked normally. I guess I'll have to wait until the next website issue to troubleshoot this...