Friday, May 25, 2018

proxy redirection Juniper

For whatever  reason junOS has never support WCCP in a SRX. Why Juniper hates or refuse to embrace WCCP might be the love and hate relationship between CSCO


Okay with that out of the way, I work for a major security  vendor and who has websense web-gateways. I will demo how you can redirect traffic for websense using the  utm-policy in a juniper. keep in mind my  websense target is down, so I can't full show the final trafficflow


To run  redistribute clients to a WSG you will  a few items

1st define the  target utm-filter-web  values. You will need the host:port  and the agreed upon timeout


1.1.1.1:8080 would be my  WEBSENSE

Now, we will call a  firewall policy and us the  UTM webfilter within the application-services



And finally we monitor at the  WSG & SRX  for traffic an utm-statistics






TIP s check the following  for diagnostics

  •  show security  utm web-filte status
  • apply a system syslog file  setting and match for WEBFILTER and any


If you are not getting proper filter and see FALLBACK , that's a good possibility that the  WSG is down.











NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com
     ^      ^
=(  @  @ )=
         o 


        /  \



No comments:

Post a Comment