

What is Proxied, Via: HTTP/1.1 sophos.http.proxy:3128

I am troubleshooting the streaming issue with HTTP malware scanning enabled and noticed this, which I do not see in UTM 9. Still need to keep HTTP malware checks off when using XG. Testing before I switch from UTM 9 to XG. On UTM 9 I do not see the proxy listed on sites I go to such as http://test-ipv6.com/. I see the setting in XG; however, I have it unchecked under Routing - Upstream Proxy (both IP settings off). What component of XG uses this proxy? Does this mean all traffic from my LAN goes through an XG host before the Internet destination? Can it be disabled?

XG will be a good move forward once the bugs are minimized but still has some issues to deal with.  Any info would be good.  Thanks.



  • Mike,

    The upstream proxy feature is used when the XG is behind another proxy that may require authentication (I think it is not your case).

    On the forum you will find other streaming threads and possible workarounds. Have a look at this one:

    https://community.sophos.com/products/xg-firewall/f/129/t/11088

    XG works as a transparent proxy. You can use a Policy rule and "Allow all", or not apply the IPS/Web/Application filter, in order to surf the internet without protection.

  • Thanks for the info Lferrara.

    I do not need to lock my users from going places.  Just wondering if all my traffic has to go to that proxy first.  I assume that is what is happening since the UTM 9 does not show a proxy when doing external checks.

    As for the streaming, it was what I was troubleshooting when I discovered the proxy. My APP and Web filter is Allow All. When I enable IPS, inbound traffic gets a lot slower as it checks things deeper. Still looking into that.

    Of course enabling "Scan HTTP" under malware scanning kills many streaming services.  Even simple radio stations.  Seems to hang on the file which gets downloaded to the PC to pull the station data in.  Nothing in the logs but a capture shows the 6.5 MB file under "GET" command but never received. 

    As I get more familiar with XG I will decide when it can replace UTM 9.  Avoiding the proxy is my current step.

    Thanks again

  • Hi Mike,

    When we apply any web filter policy or any HTTP/S scanning, or both, XG works as a transparent proxy.

    If you do not want to show that "this is the proxied connection", then you can disable it via the command below. By default it is enabled.

    console> set http_proxy add_via_header off

    Hope this answer will help you.

    Regards,

    Vishal Patel

  • Thanks for the info.  Looks like the proxy will remain on based on the features I intend to use once they get them working where the malware filters do not kill the streams.  Just need to note that the server will always show in the traceroute.  Odd that I am connecting to HTTPS streams but the proxy is HTTP.  I assume after the initial connection the proxy is no longer involved.  Thanks.
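
As an added example (not part of the original thread and not Sophos code): a small Python parser for the `Via` header discussed above, which lets you check from captured response headers whether a proxy still announces itself after changing `add_via_header`. The sample header lists are constructed; only the `Via` value in the first one is taken from the thread title, and the function names are this example's own.

```python
import re

TOKEN = r"[A-Za-z0-9!#$%&'*+.^_`|~-]+"
# One Via element: [protocol-name "/"] protocol-version, received-by, optional (comment)
VIA_ELEMENT = re.compile(
    rf"^(?:(?P<proto>{TOKEN})/)?(?P<version>{TOKEN})\s+"
    r"(?P<received_by>\S+?)(?:\s+\((?P<comment>.*)\))?$"
)

def split_elements(value):
    """Split a Via value on commas that are not inside a (comment)."""
    parts, current, depth = [], [], 0
    for ch in value:
        if ch == "(":
            depth += 1
        elif ch == ")" and depth:
            depth -= 1
        if ch == "," and depth == 0:
            parts.append("".join(current).strip())
            current = []
        else:
            current.append(ch)
    parts.append("".join(current).strip())
    return [p for p in parts if p]

def parse_via(value):
    """Return one dict per intermediary named in a Via header value."""
    hops = []
    for element in split_elements(value):
        m = VIA_ELEMENT.match(element)
        if not m:
            continue  # malformed element: ignore rather than guess
        host, sep, port = m["received_by"].rpartition(":")
        if not (sep and port.isdigit()):
            host, port = m["received_by"], None
        hops.append({"protocol": m["proto"] or "HTTP", "version": m["version"],
                     "host": host, "port": int(port) if port else None,
                     "comment": m["comment"]})
    return hops

def proxy_hops(headers):
    """Collect hops from every Via header (names are case-insensitive)."""
    return [hop for name, value in headers if name.lower() == "via"
            for hop in parse_via(value)]

# Constructed sample responses; only the first Via value comes from the thread title.
THREAD_RESPONSE = [("Content-Type", "text/html"), ("Via", "HTTP/1.1 sophos.http.proxy:3128")]
CHAINED_RESPONSE = [("via", "1.0 fred, 1.1 p.example.net (Apache/1.1, beta)")]
HEADER_OFF_RESPONSE = [("Content-Type", "text/html")]
```

An empty result from `proxy_hops` only means no `Via` header was present in the response; it does not show that the traffic bypassed the proxy.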