How to use FileZilla over SOCKS with a Blue Coat Proxy SG unit

<< Back to Knowledge Search



How to use FileZilla over SOCKS with a Blue Coat Proxy SG unit (SGOS 5 and 6)

This document explains how to set-up the following:
1.       FileZilla proxy config for SOCKS
2.       BC Proxy Services
3.       Blue Coat VPM
This KB assumes that you have already configured one of the following forms of authentication:
Step 1 – Set-up FileZilla
Once installing FileZilla go to Edit > Settings > expand the Connection menu and then expand the FTP menu > then select Generic Proxy.
As you image above show you need to select ‘SOCKS 5’ and then enter the IP address of the Blue Coat Proxy > specify the SOCKS port that will be set on the BC Proxy (by default this will be 1080). Then enter the correct Username and Password that will allow the client access.
Step 2 – Configuring the SOCKS service on the Blue Coat Proxy
Connect to the Blue Coat Proxy > Configuration > Services > expand the ‘Standard’ services list > locate the SOCKS service and change the service from ‘Bypass’ to ‘Intercept’.
Now locate the FTP service and make sure that this is also set to ‘Intercept’.
Step 3 – Configure the VPM for SOCKS access and Authentication
Connect to the Blue Coat Proxy > Configuration > Policy > Visual Policy Manager > click on the ‘Launch’ button.
You will first want to add the SOCKS Authentication Layer.
Go to Policy > Add SOCKS Authentication Layer:
Now the Layer has been added you will need to set the Action to use the Auth Realm you require:
Right click on the word ‘None’ underneath the Action column.
 As per the image above click on the ‘New’ button and select ‘SOCKS Authentication’ and then select the Auth Realm you have configured. Your result should look something like:
Now in this basic scenario I have a Web Access Layer configured that is set to allow all traffic as you can see below:
The rule base will allow the FileZilla client to access any FTP site (or anything) and any User to access any site but thanks to the SOCKS Authentication Layer any connection that uses port 1080 has to authenticate to the Auth Realm set in the SOCKS Authentication Layer.
Now as you can see from the image below the FileZilla client can now connect to the FTP site via the Blue Coat Proxy.
Additional Information
Bug Number
InQuira Doc IdFAQ1435

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      SG200, SG210, SG300, SG510, SG600, SG8100, SG900, SG9000
Article Number      000011426
Was this helpful?
Previous MonthNext Month