2. Determine which ProxySG needs to be in the connection forwarding cluster. This is typically done by network topology inspection.
3. Add all the ProxySG addresses to the connection forwarding cluster:
#(config connection-forwarding)add <ipv4-address-sg1>
#(config connection-forwarding)add <ipv4-address-sg2>
Note that the list of ProxySGs needs to include itself. Currently, the tunnel between the ProxySGs participating in the cluster is IPv4 only. But this should not impact the overall usability since the user traffic can be both IPv4 and IPv6.
4. Enable connection forwarding:
5. Enable the desired services. We are using HTTP in this example:
#(config proxy-services)edit “External HTTP”
#(config External HTTP)intercept transparent 80
6. The blue line illustrated in the following network diagram indicates how the packets are routed through the network. The packets that get forwarded between the ProxySGs are IPv6, although the tunnel indicated in this diagram is IPv4 only.