Forum Discussion
NimbostratusWebsense Proxies in same pool as servers - Unable to browse through Proxies
I have a single subnet for all of my pool nodes, 172.31.102.128/25 and in this network I have a few servers and also my Websense Proxy servers.
When the pool servers access the proxy via the virtual server IP, 172.31.102.9/25, they cannot get out. I would assume that the traffic goes in via the VS IP but the communication from the proxy to the originating host is then direct within the 172.31.102.128/25 network and not out from the VS 172.31.102.9 IP.
How can I force this traffic to go back through the F5 and route back to the host making the original request?
5 Replies
- Kevin_Stewart
Employee
Have you verified that traffic is actually getting to the other side of the proxy? If so, have you tried applying a SNAT to the virtual server?
ScottR_143804I ran a trace and found that the issue only appears when using a proxy.pac file. With Websense they use port 8083. The trace shows the file being requested via the VS IP, but then there is a direct communication between the proxy and the pool host that requested the file. It's not being sent back from the VS IP.
If I tell IE to use the 172.31.102.9 : 8080 manually this works just fine.
Cory_50405Noctilucent
As Kevin says, applying SNAT to your virtual server should fix this issue.
- ScottR_143804Can you give me an example of what I need to do to accomplish this?
- Cory_50405If you navigate to your virtual server configuration in the GUI and scroll to the bottom, the 'SNAT Pool' configuration item will be there. If you want to set a specific NAT address, you can build a SNAT pool and assign it here, or just use Auto Map. Generally Auto Map will meet your needs. After assigning Auto Map to your SNAT, try your connection again.
